Slow PC, WMI provider host??

visis
Visitor
Posts: 38
Registered: 24 Apr 2007 12:21

Slow PC, WMI provider host??

#1 Post by visis »

Hello,

please check my log. The PC is slow and WMI provider host constantly uses 5-30% of the CPU.
Thank you very much :-)

Logfile of random's system information tool 1.10 (written by random/random)
Run by Honza at 2017-09-17 16:01:47
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 119 GB (60%) free of 200 GB
Total RAM: 2559 MB (38% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:03:07, on 17.9.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18792)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Infineon\Security Platform Software\PSDrt.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Infineon\Security Platform Software\SpTna.exe
C:\Program Files\ACD Systems\ACDSee Pro\6.0\ACDSeePro6InTouch2.exe
C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe
C:\Program Files\Dropbox\Client\Dropbox.exe
C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Program Files\Dropbox\Client\Dropbox.exe
C:\Program Files\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe
C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe
C:\Program Files\Dropbox\Client\Dropbox.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\PC Connectivity Solution\Transports\NclToBTSrv.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtBty.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Honza\Downloads\RSIT.exe
C:\Program Files\trend micro\Honza.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [IFXSPMGT] C:\Windows\system32\IFXSPMGT.exe /NotifyLogon
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ACPW06EN] "C:\Program Files\ACD Systems\ACDSee Pro\6.0\ACDSeePro6InTouch2.exe" /pid ACPW06EN
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
O4 - HKLM\..\Run: [RIM PeerManager] "C:\Program Files\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe"
O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" -s
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe" --minimized
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: BlackBerry Device Manager - BlackBerry Limited - C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files\Dropbox\Update\DropboxUpdate.exe
O23 - Service: DbxSvc - Dropbox, Inc. - C:\Windows\system32\DbxSvc.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - C:\Windows\system32\IFXSPMGT.exe
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - C:\Windows\system32\IFXTCS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: Personal Secure Drive Service (PersonalSecureDriveService) - Infineon Technologies AG - C:\Windows\system32\IfxPsdSv.exe
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
O23 - Service: Rapport Management Service (RapportMgmtService) - IBM Corp. - C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: RIM MDNS - Apple Inc. - C:\Program Files\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe
O23 - Service: BlackBerry Link Communication Manager (RIM Tunnel Service) - BlackBerry Limited - C:\Program Files\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\Windows\System32\StkCSrv.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 10849 bytes

======Scheduled tasks folder======

C:\Windows\tasks\DropboxUpdateTaskMachineCore.job - C:\Program Files\Dropbox\Update\DropboxUpdate.exe

Rudy
Site Admin
Posts: 118191
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Slow PC, WMI provider host??

#2 Post by Rudy »

Greetings!
The log is not complete.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

visis
Visitor
Posts: 38
Registered: 24 Apr 2007 12:21

Re: Slow PC, WMI provider host??

#3 Post by visis »

Once more, hopefully complete this time...

Logfile of random's system information tool 1.10 (written by random/random)
Run by Honza at 2017-09-17 21:49:42
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 119 GB (60%) free of 200 GB
Total RAM: 2559 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:50:05, on 17.9.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18792)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Infineon\Security Platform Software\PSDrt.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Infineon\Security Platform Software\SpTna.exe
C:\Program Files\ACD Systems\ACDSee Pro\6.0\ACDSeePro6InTouch2.exe
C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe
C:\Program Files\Dropbox\Client\Dropbox.exe
C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Program Files\Dropbox\Client\Dropbox.exe
C:\Program Files\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe
C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe
C:\Program Files\Dropbox\Client\Dropbox.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtBty.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\PC Connectivity Solution\Transports\NclToBTSrv.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Honza\Downloads\RSIT (1).exe
C:\Program Files\trend micro\Honza.exe
C:\totalcmd\TOTALCMD.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [IFXSPMGT] C:\Windows\system32\IFXSPMGT.exe /NotifyLogon
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ACPW06EN] "C:\Program Files\ACD Systems\ACDSee Pro\6.0\ACDSeePro6InTouch2.exe" /pid ACPW06EN
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
O4 - HKLM\..\Run: [RIM PeerManager] "C:\Program Files\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe"
O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" -s
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe" --minimized
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: BlackBerry Device Manager - BlackBerry Limited - C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files\Dropbox\Update\DropboxUpdate.exe
O23 - Service: DbxSvc - Dropbox, Inc. - C:\Windows\system32\DbxSvc.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - C:\Windows\system32\IFXSPMGT.exe
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - C:\Windows\system32\IFXTCS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: Personal Secure Drive Service (PersonalSecureDriveService) - Infineon Technologies AG - C:\Windows\system32\IfxPsdSv.exe
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
O23 - Service: Rapport Management Service (RapportMgmtService) - IBM Corp. - C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: RIM MDNS - Apple Inc. - C:\Program Files\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe
O23 - Service: BlackBerry Link Communication Manager (RIM Tunnel Service) - BlackBerry Limited - C:\Program Files\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\Windows\System32\StkCSrv.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 10553 bytes

======Scheduled tasks folder======

C:\Windows\tasks\DropboxUpdateTaskMachineCore.job - C:\Program Files\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskMachineUA.job - C:\Program Files\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\6z4izsdo.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 27.0.0.130 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_27_0_0_130.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.40.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.40.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0]
"Description"=BlackBerry Web Software Loading Helper Plug-In for Mozilla browsers
"Path"=C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\6z4izsdo.default\extensions\
{0545b830-f0aa-4d7e-8820-50a4629a56fe}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-14 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files\Windows Live\Companion\companioncore.dll [2012-03-08 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-14 172968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATKMEDIA"=C:\Program Files\ASUS\ATK Media\DMEDIA.EXE [2006-11-02 61440]
"SMSERIAL"=C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [2009-05-05 1466368]
"IFXSPMGT"=C:\Windows\system32\IFXSPMGT.exe [2013-08-26 661024]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2016-11-14 1002984]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-08-26 815104]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2013-03-29 11930696]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-02-10 61440]
"ACPW06EN"=C:\Program Files\ACD Systems\ACDSee Pro\6.0\ACDSeePro6InTouch2.exe [2012-12-17 1135304]
"ITSecMng"=C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [2011-04-01 80840]
"PMBVolumeWatcher"=C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2011-11-25 688184]
"Dropbox"=C:\Program Files\Dropbox\Client\Dropbox.exe [2017-09-14 3487032]
"RIMBBLaunchAgent.exe"=C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [2014-10-31 443640]
"RIM PeerManager"=C:\Program Files\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe [2015-03-19 4861688]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"NokiaSuite.exe"=C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [2014-11-19 1092448]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2016-02-12 6638296]
"TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2017-03-17 254840]
"Free Download Manager"=C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe --minimized []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave1"=serwvdrv.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.siren"=sirenacm.dll
"VIDC.I420"=MSh263.drv
"wave2"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2017-09-17 16:01:47 ----D---- C:\rsit
2017-09-17 16:01:47 ----D---- C:\Program Files\trend micro
2017-09-16 22:24:40 ----A---- C:\Windows\system32\mshtml.dll
2017-09-16 22:24:39 ----A---- C:\Windows\system32\ieframe.dll
2017-09-16 22:24:38 ----A---- C:\Windows\system32\jscript9.dll
2017-09-16 22:24:37 ----A---- C:\Windows\system32\wininet.dll
2017-09-16 22:24:37 ----A---- C:\Windows\system32\win32k.sys
2017-09-16 22:24:37 ----A---- C:\Windows\system32\iertutil.dll
2017-09-16 22:24:36 ----A---- C:\Windows\system32\vbscript.dll
2017-09-16 22:24:36 ----A---- C:\Windows\system32\shell32.dll
2017-09-16 22:24:36 ----A---- C:\Windows\system32\msfeeds.dll
2017-09-16 22:24:35 ----A---- C:\Windows\system32\urlmon.dll
2017-09-16 22:24:35 ----A---- C:\Windows\system32\ntoskrnl.exe
2017-09-16 22:24:35 ----A---- C:\Windows\system32\ntkrnlpa.exe
2017-09-16 22:24:35 ----A---- C:\Windows\system32\mmcndmgr.dll
2017-09-16 22:24:34 ----A---- C:\Windows\system32\mmc.exe
2017-09-16 22:24:34 ----A---- C:\Windows\system32\localspl.dll
2017-09-16 22:24:34 ----A---- C:\Windows\system32\iedkcs32.dll
2017-09-16 22:24:33 ----A---- C:\Windows\system32\Wldap32.dll
2017-09-16 22:24:33 ----A---- C:\Windows\system32\win32spl.dll
2017-09-16 22:24:33 ----A---- C:\Windows\system32\usp10.dll
2017-09-16 22:24:33 ----A---- C:\Windows\system32\mshtmled.dll
2017-09-16 22:24:33 ----A---- C:\Windows\system32\ie4uinit.exe
2017-09-16 22:24:32 ----A---- C:\Windows\system32\ntprint.dll
2017-09-16 22:24:32 ----A---- C:\Windows\system32\nsisvc.dll
2017-09-16 22:24:32 ----A---- C:\Windows\system32\drivers\netbt.sys
2017-09-16 22:24:31 ----A---- C:\Windows\system32\ntdll.dll
2017-09-16 22:24:31 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2017-09-16 22:24:31 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2017-09-16 22:24:31 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2017-09-16 22:24:30 ----A---- C:\Windows\system32\drivers\srvnet.sys
2017-09-16 22:24:30 ----A---- C:\Windows\system32\drivers\nsiproxy.sys
2017-09-16 22:24:30 ----A---- C:\Windows\system32\cic.dll
2017-09-16 22:24:29 ----A---- C:\Windows\system32\mmcshext.dll
2017-09-16 22:24:29 ----A---- C:\Windows\system32\mmcbase.dll
2017-09-16 22:24:29 ----A---- C:\Windows\system32\dxtrans.dll
2017-09-16 22:24:28 ----A---- C:\Windows\system32\webcheck.dll
2017-09-16 22:24:28 ----A---- C:\Windows\system32\msrating.dll
2017-09-16 22:24:28 ----A---- C:\Windows\system32\dxtmsft.dll
2017-09-16 22:24:27 ----A---- C:\Windows\system32\shdocvw.dll
2017-09-16 22:24:27 ----A---- C:\Windows\system32\MshtmlDac.dll
2017-09-16 22:24:26 ----A---- C:\Windows\system32\winnsi.dll
2017-09-16 22:24:26 ----A---- C:\Windows\system32\mshtmlmedia.dll
2017-09-16 22:24:26 ----A---- C:\Windows\system32\ieui.dll
2017-09-16 22:24:25 ----A---- C:\Windows\system32\occache.dll
2017-09-16 22:24:25 ----A---- C:\Windows\system32\jscript9diag.dll
2017-09-16 22:24:25 ----A---- C:\Windows\system32\ieUnatt.exe
2017-09-16 22:24:25 ----A---- C:\Windows\system32\iesetup.dll
2017-09-16 22:24:24 ----A---- C:\Windows\system32\nsi.dll
2017-09-16 22:24:24 ----A---- C:\Windows\system32\jsproxy.dll
2017-09-16 22:24:24 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-09-16 22:24:24 ----A---- C:\Windows\system32\inseng.dll
2017-09-16 22:24:24 ----A---- C:\Windows\system32\iernonce.dll
2017-09-16 22:24:24 ----A---- C:\Windows\system32\ieetwproxystub.dll
2017-09-16 22:24:24 ----A---- C:\Windows\system32\ieetwcollector.exe
2017-09-16 22:24:23 ----A---- C:\Windows\system32\smss.exe
2017-09-16 22:24:23 ----A---- C:\Windows\system32\rpcss.dll
2017-09-16 22:24:23 ----A---- C:\Windows\system32\rpcrt4.dll
2017-09-16 22:24:23 ----A---- C:\Windows\system32\ole32.dll
2017-09-16 22:24:23 ----A---- C:\Windows\system32\ntprint.exe
2017-09-16 22:24:23 ----A---- C:\Windows\system32\netbtugc.exe
2017-09-16 22:24:23 ----A---- C:\Windows\system32\kerberos.dll
2017-09-16 22:24:23 ----A---- C:\Windows\system32\jscript.dll
2017-09-16 22:24:23 ----A---- C:\Windows\system32\ieapfltr.dll
2017-09-16 22:24:23 ----A---- C:\Windows\system32\drivers\srv2.sys
2017-09-16 22:24:23 ----A---- C:\Windows\system32\drivers\srv.sys
2017-09-16 22:24:23 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2017-09-16 22:24:23 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2017-09-16 22:24:23 ----A---- C:\Windows\system32\advapi32.dll
2017-09-16 22:24:22 ----A---- C:\Windows\system32\winsrv.dll
2017-09-16 22:24:22 ----A---- C:\Windows\system32\srcore.dll
2017-09-16 22:24:22 ----A---- C:\Windows\system32\schannel.dll
2017-09-16 22:24:22 ----A---- C:\Windows\system32\msv1_0.dll
2017-09-16 22:24:22 ----A---- C:\Windows\system32\lsasrv.dll
2017-09-16 22:24:22 ----A---- C:\Windows\system32\KernelBase.dll
2017-09-16 22:24:22 ----A---- C:\Windows\system32\inetpp.dll
2017-09-16 22:24:22 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2017-09-16 22:24:22 ----A---- C:\Windows\system32\ExplorerFrame.dll
2017-09-16 22:24:21 ----A---- C:\Windows\system32\wpnpinst.exe
2017-09-16 22:24:21 ----A---- C:\Windows\system32\wdigest.dll
2017-09-16 22:24:21 ----A---- C:\Windows\system32\TSpkg.dll
2017-09-16 22:24:21 ----A---- C:\Windows\system32\sspicli.dll
2017-09-16 22:24:21 ----A---- C:\Windows\system32\srclient.dll
2017-09-16 22:24:21 ----A---- C:\Windows\system32\setbcdlocale.dll
2017-09-16 22:24:21 ----A---- C:\Windows\system32\secur32.dll
2017-09-16 22:24:21 ----A---- C:\Windows\system32\rstrui.exe
2017-09-16 22:24:21 ----A---- C:\Windows\system32\rpchttp.dll
2017-09-16 22:24:21 ----A---- C:\Windows\system32\ncrypt.dll
2017-09-16 22:24:21 ----A---- C:\Windows\system32\lsass.exe
2017-09-16 22:24:21 ----A---- C:\Windows\system32\kernel32.dll
2017-09-16 22:24:21 ----A---- C:\Windows\system32\inetppui.dll
2017-09-16 22:24:21 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2017-09-16 22:24:21 ----A---- C:\Windows\system32\drivers\appid.sys
2017-09-16 22:24:21 ----A---- C:\Windows\system32\csrsrv.dll
2017-09-16 22:24:21 ----A---- C:\Windows\system32\cryptbase.dll
2017-09-16 22:24:21 ----A---- C:\Windows\system32\credssp.dll
2017-09-16 22:24:21 ----A---- C:\Windows\system32\conhost.exe
2017-09-16 22:24:21 ----A---- C:\Windows\system32\bcrypt.dll
2017-09-16 22:24:21 ----A---- C:\Windows\system32\appidsvc.dll
2017-09-16 22:24:21 ----A---- C:\Windows\system32\appidapi.dll
2017-09-16 22:24:21 ----A---- C:\Windows\system32\apisetschema.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-09-16 22:24:20 ----A---- C:\Windows\system32\sspisrv.dll
2017-09-16 22:24:20 ----A---- C:\Windows\system32\comcat.dll
2017-09-16 22:24:20 ----A---- C:\Windows\system32\auditpol.exe
2017-09-16 22:24:20 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2017-09-16 22:24:20 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2017-09-16 22:24:19 ----A---- C:\Windows\system32\PrintBrmUi.exe
2017-09-16 22:24:19 ----A---- C:\Windows\system32\oleres.dll
2017-09-16 22:24:19 ----A---- C:\Windows\system32\msobjs.dll
2017-09-16 22:24:19 ----A---- C:\Windows\system32\msaudite.dll
2017-09-16 22:24:19 ----A---- C:\Windows\system32\adtschema.dll
2017-09-14 23:41:12 ----A---- C:\Windows\system32\drivers\dbx-stable.sys
2017-09-14 23:41:12 ----A---- C:\Windows\system32\drivers\dbx-dev.sys
2017-09-14 23:41:12 ----A---- C:\Windows\system32\drivers\dbx-canary.sys
2017-09-14 23:41:12 ----A---- C:\Windows\system32\DbxSvc.exe
2017-09-10 13:53:13 ----A---- C:\Windows\system32\drivers\farflt.sys
2017-09-10 08:13:10 ----A---- C:\Windows\system32\drivers\MBAMChameleon.sys
2017-09-10 08:13:06 ----A---- C:\Windows\system32\drivers\mwac.sys
2017-09-10 08:12:48 ----A---- C:\Windows\system32\drivers\mbam.sys
2017-09-10 08:12:35 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2017-09-10 08:12:11 ----A---- C:\Windows\system32\drivers\mbae.sys
2017-09-10 08:11:32 ----D---- C:\Program Files\Malwarebytes
2017-09-10 08:11:10 ----D---- C:\ProgramData\MB2Migration
2017-09-08 21:24:29 ----A---- C:\Windows\system32\msrepl40.dll
2017-09-08 21:24:29 ----A---- C:\Windows\system32\msrd3x40.dll
2017-09-08 21:24:29 ----A---- C:\Windows\system32\msrd2x40.dll
2017-09-08 21:24:29 ----A---- C:\Windows\system32\msjtes40.dll
2017-09-08 21:24:29 ----A---- C:\Windows\system32\msjetoledb40.dll
2017-09-08 21:24:29 ----A---- C:\Windows\system32\msjet40.dll
2017-09-08 21:24:28 ----A---- C:\Windows\system32\msxbde40.dll
2017-09-08 21:24:28 ----A---- C:\Windows\system32\mspbde40.dll
2017-09-08 21:24:28 ----A---- C:\Windows\system32\msltus40.dll
2017-09-08 21:24:28 ----A---- C:\Windows\system32\msexcl40.dll
2017-09-08 21:24:28 ----A---- C:\Windows\system32\DXPTaskRingtone.dll
2017-09-08 21:24:28 ----A---- C:\Windows\system32\drivers\tcpip.sys
2017-09-08 21:24:28 ----A---- C:\Windows\system32\drivers\ntfs.sys
2017-09-08 21:24:26 ----A---- C:\Windows\system32\tquery.dll
2017-09-08 21:24:25 ----A---- C:\Windows\system32\wdc.dll
2017-09-08 21:24:25 ----A---- C:\Windows\system32\Query.dll
2017-09-08 21:24:25 ----A---- C:\Windows\system32\mswstr10.dll
2017-09-08 21:24:25 ----A---- C:\Windows\system32\mswdat10.dll
2017-09-08 21:24:25 ----A---- C:\Windows\system32\mssrch.dll
2017-09-08 21:24:25 ----A---- C:\Windows\system32\msjter40.dll
2017-09-08 21:24:25 ----A---- C:\Windows\system32\msjint40.dll
2017-09-08 21:24:24 ----A---- C:\Windows\system32\msinfo32.exe
2017-09-08 21:24:24 ----A---- C:\Windows\system32\drivers\netio.sys
2017-09-08 21:24:24 ----A---- C:\Windows\system32\drivers\http.sys
2017-09-08 21:24:24 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2017-09-08 21:24:24 ----A---- C:\Windows\system32\clfs.sys
2017-09-08 21:24:23 ----A---- C:\Windows\system32\wer.dll
2017-09-08 21:24:23 ----A---- C:\Windows\system32\t2embed.dll
2017-09-08 21:24:23 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2017-09-08 21:24:23 ----A---- C:\Windows\system32\SearchIndexer.exe
2017-09-08 21:24:23 ----A---- C:\Windows\system32\mssph.dll
2017-09-08 21:24:23 ----A---- C:\Windows\system32\drivers\volmgrx.sys
2017-09-08 21:24:23 ----A---- C:\Windows\system32\drivers\bthpan.sys
2017-09-08 21:24:22 ----A---- C:\Windows\system32\wvc.dll
2017-09-08 21:24:22 ----A---- C:\Windows\system32\wermgr.exe
2017-09-08 21:24:22 ----A---- C:\Windows\system32\werdiagcontroller.dll
2017-09-08 21:24:22 ----A---- C:\Windows\system32\SearchFilterHost.exe
2017-09-08 21:24:22 ----A---- C:\Windows\system32\perfmon.exe
2017-09-08 21:24:22 ----A---- C:\Windows\system32\pdhui.dll
2017-09-08 21:24:22 ----A---- C:\Windows\system32\mssvp.dll
2017-09-08 21:24:22 ----A---- C:\Windows\system32\mssphtb.dll
2017-09-08 21:24:22 ----A---- C:\Windows\system32\mssitlb.dll
2017-09-08 21:24:22 ----A---- C:\Windows\system32\msscntrs.dll
2017-09-08 21:24:22 ----A---- C:\Windows\system32\drivers\tdx.sys
2017-09-08 21:24:21 ----A---- C:\Windows\system32\resmon.exe
2017-09-08 21:24:21 ----A---- C:\Windows\system32\mssprxy.dll
2017-09-08 21:24:20 ----A---- C:\Windows\system32\msshooks.dll
2017-09-08 21:24:19 ----A---- C:\Windows\system32\mstext40.dll
2017-09-08 21:24:19 ----A---- C:\Windows\system32\msexch40.dll
2017-09-06 20:48:52 ----D---- C:\Users\Honza\AppData\Roaming\PhoenixRC
2017-09-06 17:31:18 ----A---- C:\Windows\system32\XAudio2_7.dll
2017-09-06 17:31:18 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2017-09-06 17:31:17 ----A---- C:\Windows\system32\xactengine3_7.dll
2017-09-06 17:31:17 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2017-09-06 17:31:16 ----A---- C:\Windows\system32\d3dcsx_43.dll
2017-09-06 17:31:15 ----A---- C:\Windows\system32\d3dx11_43.dll
2017-09-06 17:31:15 ----A---- C:\Windows\system32\d3dx10_43.dll
2017-09-06 17:31:13 ----A---- C:\Windows\system32\D3DX9_43.dll
2017-09-06 17:31:12 ----A---- C:\Windows\system32\XAudio2_6.dll
2017-09-06 17:31:12 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2017-09-06 17:31:11 ----A---- C:\Windows\system32\xactengine3_6.dll
2017-09-06 17:31:11 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2017-09-06 17:31:10 ----A---- C:\Windows\system32\xactengine3_5.dll
2017-09-06 17:31:09 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2017-09-06 17:31:08 ----A---- C:\Windows\system32\d3dx11_42.dll
2017-09-06 17:31:08 ----A---- C:\Windows\system32\d3dcsx_42.dll
2017-09-06 17:31:07 ----A---- C:\Windows\system32\D3DX9_41.dll
2017-09-06 17:31:05 ----A---- C:\Windows\system32\XAudio2_4.dll
2017-09-06 17:31:05 ----A---- C:\Windows\system32\xactengine3_4.dll
2017-09-06 17:31:04 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2017-09-06 17:31:02 ----A---- C:\Windows\system32\d3dx10_40.dll
2017-09-06 17:31:02 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2017-09-06 17:31:01 ----A---- C:\Windows\system32\D3DX9_40.dll
2017-09-06 17:31:00 ----A---- C:\Windows\system32\XAudio2_3.dll
2017-09-06 17:31:00 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2017-09-06 17:30:59 ----A---- C:\Windows\system32\xactengine3_3.dll
2017-09-06 17:30:58 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2017-09-06 17:30:57 ----A---- C:\Windows\system32\XAudio2_2.dll
2017-09-06 17:30:57 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2017-09-06 17:30:55 ----A---- C:\Windows\system32\xactengine3_2.dll
2017-09-06 17:30:54 ----A---- C:\Windows\system32\d3dx10_39.dll
2017-09-06 17:30:54 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2017-09-06 17:30:53 ----A---- C:\Windows\system32\D3DX9_39.dll
2017-09-06 17:30:52 ----A---- C:\Windows\system32\XAudio2_1.dll
2017-09-06 17:30:52 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2017-09-06 17:30:51 ----A---- C:\Windows\system32\xactengine3_1.dll
2017-09-06 17:30:50 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2017-09-06 17:30:49 ----A---- C:\Windows\system32\d3dx10_38.dll
2017-09-06 17:30:49 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2017-09-06 17:30:48 ----A---- C:\Windows\system32\D3DX9_38.dll
2017-09-06 17:30:47 ----A---- C:\Windows\system32\XAudio2_0.dll
2017-09-06 17:30:46 ----A---- C:\Windows\system32\xactengine3_0.dll
2017-09-06 17:30:45 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2017-09-06 17:30:44 ----A---- C:\Windows\system32\d3dx10_37.dll
2017-09-06 17:30:44 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2017-09-06 17:30:43 ----A---- C:\Windows\system32\D3DX9_37.dll
2017-09-06 17:30:42 ----A---- C:\Windows\system32\xactengine2_10.dll
2017-09-06 17:30:40 ----A---- C:\Windows\system32\d3dx10_36.dll
2017-09-06 17:30:40 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2017-09-06 17:30:39 ----A---- C:\Windows\system32\d3dx9_36.dll
2017-09-06 17:30:37 ----A---- C:\Windows\system32\xactengine2_9.dll
2017-09-06 17:30:36 ----A---- C:\Windows\system32\d3dx10_35.dll
2017-09-06 17:30:36 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2017-09-06 17:30:34 ----A---- C:\Windows\system32\xactengine2_8.dll
2017-09-06 17:30:34 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2017-09-06 17:30:33 ----A---- C:\Windows\system32\d3dx10_34.dll
2017-09-06 17:30:33 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2017-09-06 17:30:31 ----A---- C:\Windows\system32\d3dx9_34.dll
2017-09-06 17:30:30 ----A---- C:\Windows\system32\xinput1_3.dll
2017-09-06 17:30:29 ----A---- C:\Windows\system32\xactengine2_7.dll
2017-09-06 17:30:28 ----A---- C:\Windows\system32\d3dx10_33.dll
2017-09-06 17:30:28 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2017-09-06 17:30:27 ----A---- C:\Windows\system32\d3dx9_33.dll
2017-09-06 17:30:25 ----A---- C:\Windows\system32\xactengine2_6.dll
2017-09-06 17:30:23 ----A---- C:\Windows\system32\xactengine2_5.dll
2017-09-06 17:30:22 ----A---- C:\Windows\system32\d3dx10.dll
2017-09-06 17:30:20 ----A---- C:\Windows\system32\xactengine2_4.dll
2017-09-06 17:30:20 ----A---- C:\Windows\system32\x3daudio1_1.dll
2017-09-06 17:30:19 ----A---- C:\Windows\system32\d3dx9_31.dll
2017-09-06 17:30:18 ----A---- C:\Windows\system32\xactengine2_3.dll
2017-09-06 17:30:17 ----A---- C:\Windows\system32\xinput1_2.dll
2017-09-06 17:30:16 ----A---- C:\Windows\system32\xactengine2_2.dll
2017-09-06 17:30:15 ----A---- C:\Windows\system32\xinput1_1.dll
2017-09-06 17:30:14 ----A---- C:\Windows\system32\xactengine2_1.dll
2017-09-06 17:30:12 ----A---- C:\Windows\system32\xactengine2_0.dll
2017-09-06 17:30:12 ----A---- C:\Windows\system32\x3daudio1_0.dll
2017-09-06 17:30:11 ----A---- C:\Windows\system32\d3dx9_29.dll
2017-09-06 17:30:10 ----A---- C:\Windows\system32\d3dx9_28.dll
2017-09-06 17:30:09 ----A---- C:\Windows\system32\d3dx9_27.dll
2017-09-06 17:30:08 ----A---- C:\Windows\system32\d3dx9_26.dll
2017-09-06 17:30:07 ----A---- C:\Windows\system32\d3dx9_25.dll
2017-09-06 17:30:05 ----A---- C:\Windows\system32\d3dx9_24.dll
2017-09-06 17:27:01 ----D---- C:\Windows\system32\directx
2017-09-06 17:22:23 ----D---- C:\Program Files\PhoenixRC
2017-08-25 23:09:20 ----A---- C:\Windows\system32\drivers\RapportKELL.sys
2017-08-25 23:09:20 ----A---- C:\Windows\system32\drivers\RapportHades.sys

======List of files/folders modified in the last 1 month======

2017-09-17 21:49:34 ----D---- C:\Windows\temp
2017-09-17 16:41:42 ----D---- C:\Windows\system32\config
2017-09-17 16:01:47 ----RD---- C:\Program Files
2017-09-17 15:52:06 ----D---- C:\Windows\Microsoft.NET
2017-09-17 15:48:51 ----RSD---- C:\Windows\assembly
2017-09-17 15:39:35 ----D---- C:\Windows\System32
2017-09-17 15:39:35 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-09-17 15:39:34 ----D---- C:\Windows\inf
2017-09-17 15:33:55 ----A---- C:\Windows\system32\acovcnt.exe
2017-09-17 15:33:21 ----D---- C:\Windows\winsxs
2017-09-17 15:33:21 ----D---- C:\Windows\system32\drivers
2017-09-17 15:29:12 ----D---- C:\Program Files\Internet Explorer
2017-09-17 15:29:11 ----D---- C:\Windows\system32\en-US
2017-09-17 15:29:11 ----D---- C:\Windows\system32\cs-CZ
2017-09-17 15:16:10 ----SHD---- C:\System Volume Information
2017-09-17 10:45:23 ----SHD---- C:\Windows\Installer
2017-09-17 10:45:22 ----D---- C:\ProgramData\Microsoft Help
2017-09-17 10:44:42 ----A---- C:\Windows\win.ini
2017-09-16 22:41:12 ----D---- C:\Windows\system32\MRT
2017-09-16 22:30:27 ----D---- C:\Windows\debug
2017-09-16 22:30:09 ----AC---- C:\Windows\system32\MRT.exe
2017-09-16 22:14:47 ----D---- C:\Windows\system32\catroot2
2017-09-16 21:58:58 ----D---- C:\Windows
2017-09-16 13:43:55 ----D---- C:\Program Files\Dropbox
2017-09-12 19:50:29 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2017-09-12 19:50:13 ----D---- C:\Windows\system32\Macromed
2017-09-10 08:11:32 ----D---- C:\ProgramData\Malwarebytes
2017-09-10 08:11:32 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2017-09-10 08:11:10 ----D---- C:\ProgramData
2017-09-10 08:06:31 ----D---- C:\Windows\Logs
2017-09-10 08:06:30 ----D---- C:\Windows\Minidump
2017-09-10 07:57:02 ----D---- C:\Program Files\Kingo Android ROOT
2017-09-10 07:55:55 ----SD---- C:\ProgramData\Microsoft
2017-09-10 07:55:55 ----D---- C:\Program Files\Microsoft
2017-09-09 22:58:04 ----D---- C:\Windows\system32\Tasks
2017-09-09 10:14:34 ----D---- C:\Users\Honza\AppData\Roaming\PeaZip
2017-09-08 22:28:13 ----D---- C:\Windows\system32\migration
2017-09-08 22:28:04 ----D---- C:\Windows\system32\DriverStore
2017-09-06 19:18:36 ----D---- C:\Program Files\Mozilla Maintenance Service
2017-09-06 17:56:45 ----D---- C:\Program Files\Mozilla Firefox
2017-09-06 17:22:19 ----HD---- C:\Program Files\InstallShield Installation Information
2017-09-01 07:44:17 ----SD---- C:\Users\Honza\AppData\Roaming\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2016-08-25 252808]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 RapportHades;RapportHades; C:\Windows\System32\Drivers\RapportHades.sys [2017-08-25 102888]
R0 RapportKELL;RapportKELL; C:\Windows\System32\Drivers\RapportKELL.sys [2017-08-25 263744]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\Windows\system32\drivers\mbae.sys [2017-08-24 59904]
R1 MpKsl71050cda;MpKsl71050cda; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A8D10702-4E25-4C63-B965-BFA37915BD7A}\MpKsl71050cda.sys [2017-09-17 39168]
R1 PersonalSecureDrive;PersonalSecureDrive; C:\Windows\System32\drivers\psd.sys [2013-08-26 39080]
R1 RapportAegle;RapportAegle; \??\C:\Program Files\Trusteer\Rapport\bin\RapportAegle.sys [2017-08-25 203072]
R1 RapportCerberus_1804073;RapportCerberus_1804073; \??\C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_1804073.sys [2017-09-06 846472]
R1 RapportEI;RapportEI; \??\C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys [2017-08-25 334912]
R1 RapportPG;RapportPG; \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys [2017-08-25 414432]
R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2010-11-29 70448]
R2 MBAMChameleon;MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [2017-09-10 166848]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2011-02-08 5120]
R3 ATSwpWDF;AuthenTec TruePrint WBF Driver; C:\Windows\system32\DRIVERS\ATSwpWDF.sys [2012-10-18 971752]
R3 IFXTPM;IFXTPM; C:\Windows\system32\DRIVERS\IFXTPM.SYS [2013-08-26 36608]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2013-03-29 2646088]
R3 MBAMFarflt;MBAMFarflt; C:\Windows\system32\DRIVERS\farflt.sys [2017-09-17 85440]
R3 MBAMProtection;MBAMProtection; \??\C:\Windows\system32\drivers\mbam.sys [2017-09-17 40352]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2017-09-17 221632]
R3 MBAMWebProtection;MBAMWebProtection; \??\C:\Windows\system32\drivers\mwac.sys [2017-09-17 65824]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\Windows\system32\drivers\MODEMCSA.sys [2009-07-14 18432]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2013-08-26 7680]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-14 4231168]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2016-08-25 105696]
R3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-02-11 4450816]
R3 rimvndis;BlackBerry Virtual Private Network; C:\Windows\System32\Drivers\rimvndis6.sys [2015-03-19 14848]
R3 RimVSerPort;RIM Virtual Serial Port v2; C:\Windows\system32\DRIVERS\RimSerial.sys [2012-12-10 35840]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 8192]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2011-06-10 394856]
R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2009-05-05 1095808]
R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam; C:\Windows\System32\Drivers\StkCMini.sys [2007-02-13 1245056]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2013-08-26 181304]
R3 toshidpt;Bluetooth HID Port; C:\Windows\system32\drivers\Toshidpt.sys [2009-06-19 9608]
R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2009-06-17 46984]
R3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2011-08-05 236728]
R3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2010-08-30 80064]
R3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2011-01-27 56888]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BioNTDrv;BioNTDrv; \??\C:\Program Files\Paragon Software\Partition Manager 2013 Free\program\BioNTDrv.SYS []
S3 blackberryncm;BlackBerryNCM Service; C:\Windows\system32\DRIVERS\blackberryncm6.sys [2014-09-08 22016]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 BtFilter;Bluetooth LowerFilter Class Filter Driver; C:\Windows\system32\DRIVERS\btfilter.sys [2013-04-16 40744]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\drivers\bthpan.sys [2017-07-06 94208]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 catchme;catchme; \??\C:\Users\Honza\AppData\Local\Temp\catchme.sys []
S3 dbx;dbx; C:\Windows\system32\DRIVERS\dbx.sys []
S3 DrvAgent32;DrvAgent32; \??\C:\Windows\system32\Drivers\DrvAgent32.sys [2013-08-28 23456]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 39272]
S3 massfilter_hs;HS HandSet Mass Storage Filter Driver; \??\C:\Windows\system32\drivers\massfilter_hs.sys [2012-06-20 17672]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2013-01-23 18560]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2013-01-23 23168]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2012-10-17 19072]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 RimUsb;zařízení BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb.sys [2014-05-06 68608]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 SynMini;USB2.0 1.3M Web Cam; C:\Windows\System32\Drivers\SynMini.sys [2006-04-19 899712]
S3 SynScan;USB2.0 1.3M Web Cam Still Image; C:\Windows\System32\Drivers\SynScan.sys [2006-04-19 9216]
S3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2010-11-11 42672]
S3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2009-07-24 21608]
S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2010-04-26 53760]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2013-01-23 8192]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 15872]
S3 usbser;USB Modem Driver; C:\Windows\system32\DRIVERS\usbser.sys [2013-08-29 28160]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2013-01-23 8192]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-07-19 83032]
R2 ASLDRService;ASLDR Service; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [2007-02-05 94208]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2010-02-11 733184]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 DbxSvc;DbxSvc; C:\Windows\system32\DbxSvc.exe [2017-09-14 43336]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2013-08-02 500976]
R2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-10 144200]
R2 IFXSpMgtSrv;Security Platform Management Service; C:\Windows\system32\IFXSPMGT.exe [2013-08-26 661024]
R2 IFXTCS;Trusted Platform Core Service; C:\Windows\system32\IFXTCS.exe [2013-08-26 824864]
R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2017-08-21 4430792]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2016-11-14 103696]
R2 NAUpdate;@C:\Program Files\Nero\Update\NASvc.exe,-200; C:\Program Files\Nero\Update\NASvc.exe [2012-07-13 769432]
R2 PersonalSecureDriveService;Personal Secure Drive Service; C:\Windows\system32\IfxPsdSv.exe [2013-08-26 136736]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider; C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [2011-11-25 459832]
R2 RapportMgmtService;Rapport Management Service; C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe [2017-08-25 2350064]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2013-08-02 109296]
R2 RIM MDNS;RIM MDNS; C:\Program Files\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [2015-03-19 396024]
R2 RIM Tunnel Service;BlackBerry Link Communication Manager; C:\Program Files\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe [2015-03-19 1354488]
R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service; C:\Windows\System32\StkCSrv.exe [2007-02-07 24576]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2017-03-17 99704]
R3 BlackBerry Device Manager;BlackBerry Device Manager; C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [2014-10-31 588024]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2016-11-14 280864]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
R3 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2011-04-01 152496]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-04-21 107656]
S2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files\Dropbox\Update\DropboxUpdate.exe [2016-12-18 143144]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-09-12 272384]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2017-04-21 47224]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2014-08-19 85096]
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files\Dropbox\Update\DropboxUpdate.exe [2016-12-18 143144]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-10 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-08-13 104960]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2017-09-06 175568]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2013-08-02 242928]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-08-26 1343400]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118191
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Slow PC, WMI provider host??

#4 Post by Rudy »

Now, yes. Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
Click first on >Scan< (search) and then on >Clean< (removal).
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

E-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Apart from its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address above.

visis
Visitor
Posts: 38
Registered: 24 Apr 2007 12:21

Re: Slow PC, WMI provider host??

#5 Post by visis »

Hello, I'm posting the log from the scan; after that I ran the cleaning...

# AdwCleaner 7.0.2.1 - Logfile created on Mon Sep 18 18:10:45 2017
# Updated on 2017/29/08 by Malwarebytes
# Database: 09-15-2017.1
# Running on Windows 7 Professional (X86)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

PUP.Optional.DriverAgentPlus, C:\Windows\System32\drivers\DrvAgent32.sys
PUP.Optional.DriverAgentPlus, C:\Windows\System32\drivers\DrvAgent32.sys


***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************



########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ##########

Rudy
Site Admin
Posts: 118191
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Slow PC, WMI provider host??

#6 Post by Rudy »

Post a new RSIT log.

visis
Visitor
Posts: 38
Registered: 24 Apr 2007 12:21

Re: Slow PC, WMI provider host??

#7 Post by visis »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Honza at 2017-09-21 18:10:31
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 122 GB (61%) free of 200 GB
Total RAM: 2559 MB (50% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:11:44, on 21.9.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18792)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Infineon\Security Platform Software\PSDrt.exe
C:\Program Files\Infineon\Security Platform Software\SpTna.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ACD Systems\ACDSee Pro\6.0\ACDSeePro6InTouch2.exe
C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe
C:\Program Files\Dropbox\Client\Dropbox.exe
C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Program Files\Dropbox\Client\Dropbox.exe
C:\Program Files\Dropbox\Client\Dropbox.exe
C:\Program Files\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe
C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtBty.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\PC Connectivity Solution\Transports\NclToBTSrv.exe
C:\Users\Honza\Downloads\RSIT (3).exe
C:\Program Files\trend micro\Honza.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [IFXSPMGT] C:\Windows\system32\IFXSPMGT.exe /NotifyLogon
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ACPW06EN] "C:\Program Files\ACD Systems\ACDSee Pro\6.0\ACDSeePro6InTouch2.exe" /pid ACPW06EN
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
O4 - HKLM\..\Run: [RIM PeerManager] "C:\Program Files\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe"
O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" -s
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe" --minimized
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: BlackBerry Device Manager - BlackBerry Limited - C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files\Dropbox\Update\DropboxUpdate.exe
O23 - Service: DbxSvc - Dropbox, Inc. - C:\Windows\system32\DbxSvc.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - C:\Windows\system32\IFXSPMGT.exe
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - C:\Windows\system32\IFXTCS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: Personal Secure Drive Service (PersonalSecureDriveService) - Infineon Technologies AG - C:\Windows\system32\IfxPsdSv.exe
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
O23 - Service: Rapport Management Service (RapportMgmtService) - IBM Corp. - C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: RIM MDNS - Apple Inc. - C:\Program Files\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe
O23 - Service: BlackBerry Link Communication Manager (RIM Tunnel Service) - BlackBerry Limited - C:\Program Files\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\Windows\System32\StkCSrv.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 10485 bytes

======Scheduled tasks folder======

C:\Windows\tasks\DropboxUpdateTaskMachineCore.job - C:\Program Files\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskMachineUA.job - C:\Program Files\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\6z4izsdo.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 27.0.0.130 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_27_0_0_130.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.40.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.40.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0]
"Description"=BlackBerry Web Software Loading Helper Plug-In for Mozilla browsers
"Path"=C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\6z4izsdo.default\extensions\
{0545b830-f0aa-4d7e-8820-50a4629a56fe}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-14 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files\Windows Live\Companion\companioncore.dll [2012-03-08 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-14 172968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATKMEDIA"=C:\Program Files\ASUS\ATK Media\DMEDIA.EXE [2006-11-02 61440]
"SMSERIAL"=C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [2009-05-05 1466368]
"IFXSPMGT"=C:\Windows\system32\IFXSPMGT.exe [2013-08-26 661024]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2016-11-14 1002984]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-08-26 815104]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2013-03-29 11930696]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-02-10 61440]
"ACPW06EN"=C:\Program Files\ACD Systems\ACDSee Pro\6.0\ACDSeePro6InTouch2.exe [2012-12-17 1135304]
"ITSecMng"=C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [2011-04-01 80840]
"PMBVolumeWatcher"=C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2011-11-25 688184]
"Dropbox"=C:\Program Files\Dropbox\Client\Dropbox.exe [2017-09-14 3487032]
"RIMBBLaunchAgent.exe"=C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [2014-10-31 443640]
"RIM PeerManager"=C:\Program Files\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe [2015-03-19 4861688]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"NokiaSuite.exe"=C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [2014-11-19 1092448]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2016-02-12 6638296]
"TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2017-03-17 254840]
"Free Download Manager"=C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe --minimized []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave1"=serwvdrv.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.siren"=sirenacm.dll
"VIDC.I420"=MSh263.drv
"wave2"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2017-09-18 20:24:39 ----A---- C:\Windows\system32\drivers\farflt.sys
2017-09-18 20:07:50 ----D---- C:\AdwCleaner
2017-09-17 16:01:47 ----D---- C:\rsit
2017-09-17 16:01:47 ----D---- C:\Program Files\trend micro
2017-09-16 22:24:40 ----A---- C:\Windows\system32\mshtml.dll
2017-09-16 22:24:39 ----A---- C:\Windows\system32\ieframe.dll
2017-09-16 22:24:38 ----A---- C:\Windows\system32\jscript9.dll
2017-09-16 22:24:37 ----A---- C:\Windows\system32\wininet.dll
2017-09-16 22:24:37 ----A---- C:\Windows\system32\win32k.sys
2017-09-16 22:24:37 ----A---- C:\Windows\system32\iertutil.dll
2017-09-16 22:24:36 ----A---- C:\Windows\system32\vbscript.dll
2017-09-16 22:24:36 ----A---- C:\Windows\system32\shell32.dll
2017-09-16 22:24:36 ----A---- C:\Windows\system32\msfeeds.dll
2017-09-16 22:24:35 ----A---- C:\Windows\system32\urlmon.dll
2017-09-16 22:24:35 ----A---- C:\Windows\system32\ntoskrnl.exe
2017-09-16 22:24:35 ----A---- C:\Windows\system32\ntkrnlpa.exe
2017-09-16 22:24:35 ----A---- C:\Windows\system32\mmcndmgr.dll
2017-09-16 22:24:34 ----A---- C:\Windows\system32\mmc.exe
2017-09-16 22:24:34 ----A---- C:\Windows\system32\localspl.dll
2017-09-16 22:24:34 ----A---- C:\Windows\system32\iedkcs32.dll
2017-09-16 22:24:33 ----A---- C:\Windows\system32\Wldap32.dll
2017-09-16 22:24:33 ----A---- C:\Windows\system32\win32spl.dll
2017-09-16 22:24:33 ----A---- C:\Windows\system32\usp10.dll
2017-09-16 22:24:33 ----A---- C:\Windows\system32\mshtmled.dll
2017-09-16 22:24:33 ----A---- C:\Windows\system32\ie4uinit.exe
2017-09-16 22:24:32 ----A---- C:\Windows\system32\ntprint.dll
2017-09-16 22:24:32 ----A---- C:\Windows\system32\nsisvc.dll
2017-09-16 22:24:32 ----A---- C:\Windows\system32\drivers\netbt.sys
2017-09-16 22:24:31 ----A---- C:\Windows\system32\ntdll.dll
2017-09-16 22:24:31 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2017-09-16 22:24:31 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2017-09-16 22:24:31 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2017-09-16 22:24:30 ----A---- C:\Windows\system32\drivers\srvnet.sys
2017-09-16 22:24:30 ----A---- C:\Windows\system32\drivers\nsiproxy.sys
2017-09-16 22:24:30 ----A---- C:\Windows\system32\cic.dll
2017-09-16 22:24:29 ----A---- C:\Windows\system32\mmcshext.dll
2017-09-16 22:24:29 ----A---- C:\Windows\system32\mmcbase.dll
2017-09-16 22:24:29 ----A---- C:\Windows\system32\dxtrans.dll
2017-09-16 22:24:28 ----A---- C:\Windows\system32\webcheck.dll
2017-09-16 22:24:28 ----A---- C:\Windows\system32\msrating.dll
2017-09-16 22:24:28 ----A---- C:\Windows\system32\dxtmsft.dll
2017-09-16 22:24:27 ----A---- C:\Windows\system32\shdocvw.dll
2017-09-16 22:24:27 ----A---- C:\Windows\system32\MshtmlDac.dll
2017-09-16 22:24:26 ----A---- C:\Windows\system32\winnsi.dll
2017-09-16 22:24:26 ----A---- C:\Windows\system32\mshtmlmedia.dll
2017-09-16 22:24:26 ----A---- C:\Windows\system32\ieui.dll
2017-09-16 22:24:25 ----A---- C:\Windows\system32\occache.dll
2017-09-16 22:24:25 ----A---- C:\Windows\system32\jscript9diag.dll
2017-09-16 22:24:25 ----A---- C:\Windows\system32\ieUnatt.exe
2017-09-16 22:24:25 ----A---- C:\Windows\system32\iesetup.dll
2017-09-16 22:24:24 ----A---- C:\Windows\system32\nsi.dll
2017-09-16 22:24:24 ----A---- C:\Windows\system32\jsproxy.dll
2017-09-16 22:24:24 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-09-16 22:24:24 ----A---- C:\Windows\system32\inseng.dll
2017-09-16 22:24:24 ----A---- C:\Windows\system32\iernonce.dll
2017-09-16 22:24:24 ----A---- C:\Windows\system32\ieetwproxystub.dll
2017-09-16 22:24:24 ----A---- C:\Windows\system32\ieetwcollector.exe
2017-09-16 22:24:23 ----A---- C:\Windows\system32\smss.exe
2017-09-16 22:24:23 ----A---- C:\Windows\system32\rpcss.dll
2017-09-16 22:24:23 ----A---- C:\Windows\system32\rpcrt4.dll
2017-09-16 22:24:23 ----A---- C:\Windows\system32\ole32.dll
2017-09-16 22:24:23 ----A---- C:\Windows\system32\ntprint.exe
2017-09-16 22:24:23 ----A---- C:\Windows\system32\netbtugc.exe
2017-09-16 22:24:23 ----A---- C:\Windows\system32\kerberos.dll
2017-09-16 22:24:23 ----A---- C:\Windows\system32\jscript.dll
2017-09-16 22:24:23 ----A---- C:\Windows\system32\ieapfltr.dll
2017-09-16 22:24:23 ----A---- C:\Windows\system32\drivers\srv2.sys
2017-09-16 22:24:23 ----A---- C:\Windows\system32\drivers\srv.sys
2017-09-16 22:24:23 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2017-09-16 22:24:23 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2017-09-16 22:24:23 ----A---- C:\Windows\system32\advapi32.dll
2017-09-16 22:24:22 ----A---- C:\Windows\system32\winsrv.dll
2017-09-16 22:24:22 ----A---- C:\Windows\system32\srcore.dll
2017-09-16 22:24:22 ----A---- C:\Windows\system32\schannel.dll
2017-09-16 22:24:22 ----A---- C:\Windows\system32\msv1_0.dll
2017-09-16 22:24:22 ----A---- C:\Windows\system32\lsasrv.dll
2017-09-16 22:24:22 ----A---- C:\Windows\system32\KernelBase.dll
2017-09-16 22:24:22 ----A---- C:\Windows\system32\inetpp.dll
2017-09-16 22:24:22 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2017-09-16 22:24:22 ----A---- C:\Windows\system32\ExplorerFrame.dll
2017-09-16 22:24:21 ----A---- C:\Windows\system32\wpnpinst.exe
2017-09-16 22:24:21 ----A---- C:\Windows\system32\wdigest.dll
2017-09-16 22:24:21 ----A---- C:\Windows\system32\TSpkg.dll
2017-09-16 22:24:21 ----A---- C:\Windows\system32\sspicli.dll
2017-09-16 22:24:21 ----A---- C:\Windows\system32\srclient.dll
2017-09-16 22:24:21 ----A---- C:\Windows\system32\setbcdlocale.dll
2017-09-16 22:24:21 ----A---- C:\Windows\system32\secur32.dll
2017-09-16 22:24:21 ----A---- C:\Windows\system32\rstrui.exe
2017-09-16 22:24:21 ----A---- C:\Windows\system32\rpchttp.dll
2017-09-16 22:24:21 ----A---- C:\Windows\system32\ncrypt.dll
2017-09-16 22:24:21 ----A---- C:\Windows\system32\lsass.exe
2017-09-16 22:24:21 ----A---- C:\Windows\system32\kernel32.dll
2017-09-16 22:24:21 ----A---- C:\Windows\system32\inetppui.dll
2017-09-16 22:24:21 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2017-09-16 22:24:21 ----A---- C:\Windows\system32\drivers\appid.sys
2017-09-16 22:24:21 ----A---- C:\Windows\system32\csrsrv.dll
2017-09-16 22:24:21 ----A---- C:\Windows\system32\cryptbase.dll
2017-09-16 22:24:21 ----A---- C:\Windows\system32\credssp.dll
2017-09-16 22:24:21 ----A---- C:\Windows\system32\conhost.exe
2017-09-16 22:24:21 ----A---- C:\Windows\system32\bcrypt.dll
2017-09-16 22:24:21 ----A---- C:\Windows\system32\appidsvc.dll
2017-09-16 22:24:21 ----A---- C:\Windows\system32\appidapi.dll
2017-09-16 22:24:21 ----A---- C:\Windows\system32\apisetschema.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-09-16 22:24:20 ----A---- C:\Windows\system32\sspisrv.dll
2017-09-16 22:24:20 ----A---- C:\Windows\system32\comcat.dll
2017-09-16 22:24:20 ----A---- C:\Windows\system32\auditpol.exe
2017-09-16 22:24:20 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2017-09-16 22:24:20 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2017-09-16 22:24:19 ----A---- C:\Windows\system32\PrintBrmUi.exe
2017-09-16 22:24:19 ----A---- C:\Windows\system32\oleres.dll
2017-09-16 22:24:19 ----A---- C:\Windows\system32\msobjs.dll
2017-09-16 22:24:19 ----A---- C:\Windows\system32\msaudite.dll
2017-09-16 22:24:19 ----A---- C:\Windows\system32\adtschema.dll
2017-09-14 23:41:12 ----A---- C:\Windows\system32\drivers\dbx-stable.sys
2017-09-14 23:41:12 ----A---- C:\Windows\system32\drivers\dbx-dev.sys
2017-09-14 23:41:12 ----A---- C:\Windows\system32\drivers\dbx-canary.sys
2017-09-14 23:41:12 ----A---- C:\Windows\system32\DbxSvc.exe
2017-09-12 14:27:26 ----A---- C:\Windows\system32\drivers\RapportKELL.sys
2017-09-12 14:27:26 ----A---- C:\Windows\system32\drivers\RapportHades.sys
2017-09-10 08:13:10 ----A---- C:\Windows\system32\drivers\MBAMChameleon.sys
2017-09-10 08:13:06 ----A---- C:\Windows\system32\drivers\mwac.sys
2017-09-10 08:12:48 ----A---- C:\Windows\system32\drivers\mbam.sys
2017-09-10 08:12:35 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2017-09-10 08:12:11 ----A---- C:\Windows\system32\drivers\mbae.sys
2017-09-10 08:11:32 ----D---- C:\Program Files\Malwarebytes
2017-09-10 08:11:10 ----D---- C:\ProgramData\MB2Migration
2017-09-08 21:24:29 ----A---- C:\Windows\system32\msrepl40.dll
2017-09-08 21:24:29 ----A---- C:\Windows\system32\msrd3x40.dll
2017-09-08 21:24:29 ----A---- C:\Windows\system32\msrd2x40.dll
2017-09-08 21:24:29 ----A---- C:\Windows\system32\msjtes40.dll
2017-09-08 21:24:29 ----A---- C:\Windows\system32\msjetoledb40.dll
2017-09-08 21:24:29 ----A---- C:\Windows\system32\msjet40.dll
2017-09-08 21:24:28 ----A---- C:\Windows\system32\msxbde40.dll
2017-09-08 21:24:28 ----A---- C:\Windows\system32\mspbde40.dll
2017-09-08 21:24:28 ----A---- C:\Windows\system32\msltus40.dll
2017-09-08 21:24:28 ----A---- C:\Windows\system32\msexcl40.dll
2017-09-08 21:24:28 ----A---- C:\Windows\system32\DXPTaskRingtone.dll
2017-09-08 21:24:28 ----A---- C:\Windows\system32\drivers\tcpip.sys
2017-09-08 21:24:28 ----A---- C:\Windows\system32\drivers\ntfs.sys
2017-09-08 21:24:26 ----A---- C:\Windows\system32\tquery.dll
2017-09-08 21:24:25 ----A---- C:\Windows\system32\wdc.dll
2017-09-08 21:24:25 ----A---- C:\Windows\system32\Query.dll
2017-09-08 21:24:25 ----A---- C:\Windows\system32\mswstr10.dll
2017-09-08 21:24:25 ----A---- C:\Windows\system32\mswdat10.dll
2017-09-08 21:24:25 ----A---- C:\Windows\system32\mssrch.dll
2017-09-08 21:24:25 ----A---- C:\Windows\system32\msjter40.dll
2017-09-08 21:24:25 ----A---- C:\Windows\system32\msjint40.dll
2017-09-08 21:24:24 ----A---- C:\Windows\system32\msinfo32.exe
2017-09-08 21:24:24 ----A---- C:\Windows\system32\drivers\netio.sys
2017-09-08 21:24:24 ----A---- C:\Windows\system32\drivers\http.sys
2017-09-08 21:24:24 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2017-09-08 21:24:24 ----A---- C:\Windows\system32\clfs.sys
2017-09-08 21:24:23 ----A---- C:\Windows\system32\wer.dll
2017-09-08 21:24:23 ----A---- C:\Windows\system32\t2embed.dll
2017-09-08 21:24:23 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2017-09-08 21:24:23 ----A---- C:\Windows\system32\SearchIndexer.exe
2017-09-08 21:24:23 ----A---- C:\Windows\system32\mssph.dll
2017-09-08 21:24:23 ----A---- C:\Windows\system32\drivers\volmgrx.sys
2017-09-08 21:24:23 ----A---- C:\Windows\system32\drivers\bthpan.sys
2017-09-08 21:24:22 ----A---- C:\Windows\system32\wvc.dll
2017-09-08 21:24:22 ----A---- C:\Windows\system32\wermgr.exe
2017-09-08 21:24:22 ----A---- C:\Windows\system32\werdiagcontroller.dll
2017-09-08 21:24:22 ----A---- C:\Windows\system32\SearchFilterHost.exe
2017-09-08 21:24:22 ----A---- C:\Windows\system32\perfmon.exe
2017-09-08 21:24:22 ----A---- C:\Windows\system32\pdhui.dll
2017-09-08 21:24:22 ----A---- C:\Windows\system32\mssvp.dll
2017-09-08 21:24:22 ----A---- C:\Windows\system32\mssphtb.dll
2017-09-08 21:24:22 ----A---- C:\Windows\system32\mssitlb.dll
2017-09-08 21:24:22 ----A---- C:\Windows\system32\msscntrs.dll
2017-09-08 21:24:22 ----A---- C:\Windows\system32\drivers\tdx.sys
2017-09-08 21:24:21 ----A---- C:\Windows\system32\resmon.exe
2017-09-08 21:24:21 ----A---- C:\Windows\system32\mssprxy.dll
2017-09-08 21:24:20 ----A---- C:\Windows\system32\msshooks.dll
2017-09-08 21:24:19 ----A---- C:\Windows\system32\mstext40.dll
2017-09-08 21:24:19 ----A---- C:\Windows\system32\msexch40.dll
2017-09-06 20:48:52 ----D---- C:\Users\Honza\AppData\Roaming\PhoenixRC
2017-09-06 17:31:18 ----A---- C:\Windows\system32\XAudio2_7.dll
2017-09-06 17:31:18 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2017-09-06 17:31:17 ----A---- C:\Windows\system32\xactengine3_7.dll
2017-09-06 17:31:17 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2017-09-06 17:31:16 ----A---- C:\Windows\system32\d3dcsx_43.dll
2017-09-06 17:31:15 ----A---- C:\Windows\system32\d3dx11_43.dll
2017-09-06 17:31:15 ----A---- C:\Windows\system32\d3dx10_43.dll
2017-09-06 17:31:13 ----A---- C:\Windows\system32\D3DX9_43.dll
2017-09-06 17:31:12 ----A---- C:\Windows\system32\XAudio2_6.dll
2017-09-06 17:31:12 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2017-09-06 17:31:11 ----A---- C:\Windows\system32\xactengine3_6.dll
2017-09-06 17:31:11 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2017-09-06 17:31:10 ----A---- C:\Windows\system32\xactengine3_5.dll
2017-09-06 17:31:09 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2017-09-06 17:31:08 ----A---- C:\Windows\system32\d3dx11_42.dll
2017-09-06 17:31:08 ----A---- C:\Windows\system32\d3dcsx_42.dll
2017-09-06 17:31:07 ----A---- C:\Windows\system32\D3DX9_41.dll
2017-09-06 17:31:05 ----A---- C:\Windows\system32\XAudio2_4.dll
2017-09-06 17:31:05 ----A---- C:\Windows\system32\xactengine3_4.dll
2017-09-06 17:31:04 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2017-09-06 17:31:02 ----A---- C:\Windows\system32\d3dx10_40.dll
2017-09-06 17:31:02 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2017-09-06 17:31:01 ----A---- C:\Windows\system32\D3DX9_40.dll
2017-09-06 17:31:00 ----A---- C:\Windows\system32\XAudio2_3.dll
2017-09-06 17:31:00 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2017-09-06 17:30:59 ----A---- C:\Windows\system32\xactengine3_3.dll
2017-09-06 17:30:58 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2017-09-06 17:30:57 ----A---- C:\Windows\system32\XAudio2_2.dll
2017-09-06 17:30:57 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2017-09-06 17:30:55 ----A---- C:\Windows\system32\xactengine3_2.dll
2017-09-06 17:30:54 ----A---- C:\Windows\system32\d3dx10_39.dll
2017-09-06 17:30:54 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2017-09-06 17:30:53 ----A---- C:\Windows\system32\D3DX9_39.dll
2017-09-06 17:30:52 ----A---- C:\Windows\system32\XAudio2_1.dll
2017-09-06 17:30:52 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2017-09-06 17:30:51 ----A---- C:\Windows\system32\xactengine3_1.dll
2017-09-06 17:30:50 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2017-09-06 17:30:49 ----A---- C:\Windows\system32\d3dx10_38.dll
2017-09-06 17:30:49 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2017-09-06 17:30:48 ----A---- C:\Windows\system32\D3DX9_38.dll
2017-09-06 17:30:47 ----A---- C:\Windows\system32\XAudio2_0.dll
2017-09-06 17:30:46 ----A---- C:\Windows\system32\xactengine3_0.dll
2017-09-06 17:30:45 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2017-09-06 17:30:44 ----A---- C:\Windows\system32\d3dx10_37.dll
2017-09-06 17:30:44 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2017-09-06 17:30:43 ----A---- C:\Windows\system32\D3DX9_37.dll
2017-09-06 17:30:42 ----A---- C:\Windows\system32\xactengine2_10.dll
2017-09-06 17:30:40 ----A---- C:\Windows\system32\d3dx10_36.dll
2017-09-06 17:30:40 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2017-09-06 17:30:39 ----A---- C:\Windows\system32\d3dx9_36.dll
2017-09-06 17:30:37 ----A---- C:\Windows\system32\xactengine2_9.dll
2017-09-06 17:30:36 ----A---- C:\Windows\system32\d3dx10_35.dll
2017-09-06 17:30:36 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2017-09-06 17:30:34 ----A---- C:\Windows\system32\xactengine2_8.dll
2017-09-06 17:30:34 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2017-09-06 17:30:33 ----A---- C:\Windows\system32\d3dx10_34.dll
2017-09-06 17:30:33 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2017-09-06 17:30:31 ----A---- C:\Windows\system32\d3dx9_34.dll
2017-09-06 17:30:30 ----A---- C:\Windows\system32\xinput1_3.dll
2017-09-06 17:30:29 ----A---- C:\Windows\system32\xactengine2_7.dll
2017-09-06 17:30:28 ----A---- C:\Windows\system32\d3dx10_33.dll
2017-09-06 17:30:28 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2017-09-06 17:30:27 ----A---- C:\Windows\system32\d3dx9_33.dll
2017-09-06 17:30:25 ----A---- C:\Windows\system32\xactengine2_6.dll
2017-09-06 17:30:23 ----A---- C:\Windows\system32\xactengine2_5.dll
2017-09-06 17:30:22 ----A---- C:\Windows\system32\d3dx10.dll
2017-09-06 17:30:20 ----A---- C:\Windows\system32\xactengine2_4.dll
2017-09-06 17:30:20 ----A---- C:\Windows\system32\x3daudio1_1.dll
2017-09-06 17:30:19 ----A---- C:\Windows\system32\d3dx9_31.dll
2017-09-06 17:30:18 ----A---- C:\Windows\system32\xactengine2_3.dll
2017-09-06 17:30:17 ----A---- C:\Windows\system32\xinput1_2.dll
2017-09-06 17:30:16 ----A---- C:\Windows\system32\xactengine2_2.dll
2017-09-06 17:30:15 ----A---- C:\Windows\system32\xinput1_1.dll
2017-09-06 17:30:14 ----A---- C:\Windows\system32\xactengine2_1.dll
2017-09-06 17:30:12 ----A---- C:\Windows\system32\xactengine2_0.dll
2017-09-06 17:30:12 ----A---- C:\Windows\system32\x3daudio1_0.dll
2017-09-06 17:30:11 ----A---- C:\Windows\system32\d3dx9_29.dll
2017-09-06 17:30:10 ----A---- C:\Windows\system32\d3dx9_28.dll
2017-09-06 17:30:09 ----A---- C:\Windows\system32\d3dx9_27.dll
2017-09-06 17:30:08 ----A---- C:\Windows\system32\d3dx9_26.dll
2017-09-06 17:30:07 ----A---- C:\Windows\system32\d3dx9_25.dll
2017-09-06 17:30:05 ----A---- C:\Windows\system32\d3dx9_24.dll
2017-09-06 17:27:01 ----D---- C:\Windows\system32\directx
2017-09-06 17:22:23 ----D---- C:\Program Files\PhoenixRC

======List of files/folders modified in the last 1 month======

2017-09-21 18:10:17 ----D---- C:\Windows\temp
2017-09-21 11:24:04 ----D---- C:\Windows\system32\config
2017-09-21 11:04:14 ----SHD---- C:\System Volume Information
2017-09-21 10:48:01 ----D---- C:\Windows\system32\drivers
2017-09-21 10:46:17 ----A---- C:\Windows\system32\acovcnt.exe
2017-09-18 20:11:04 ----SHD---- C:\Windows\Installer
2017-09-17 16:01:47 ----RD---- C:\Program Files
2017-09-17 15:52:06 ----D---- C:\Windows\Microsoft.NET
2017-09-17 15:48:51 ----RSD---- C:\Windows\assembly
2017-09-17 15:39:35 ----D---- C:\Windows\System32
2017-09-17 15:39:35 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-09-17 15:39:34 ----D---- C:\Windows\inf
2017-09-17 15:33:21 ----D---- C:\Windows\winsxs
2017-09-17 15:29:12 ----D---- C:\Program Files\Internet Explorer
2017-09-17 15:29:11 ----D---- C:\Windows\system32\en-US
2017-09-17 15:29:11 ----D---- C:\Windows\system32\cs-CZ
2017-09-17 10:45:22 ----D---- C:\ProgramData\Microsoft Help
2017-09-17 10:44:42 ----A---- C:\Windows\win.ini
2017-09-16 22:41:12 ----D---- C:\Windows\system32\MRT
2017-09-16 22:30:27 ----D---- C:\Windows\debug
2017-09-16 22:30:09 ----AC---- C:\Windows\system32\MRT.exe
2017-09-16 22:14:47 ----D---- C:\Windows\system32\catroot2
2017-09-16 21:58:58 ----D---- C:\Windows
2017-09-16 13:43:55 ----D---- C:\Program Files\Dropbox
2017-09-12 19:50:29 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2017-09-12 19:50:13 ----D---- C:\Windows\system32\Macromed
2017-09-10 08:11:32 ----D---- C:\ProgramData\Malwarebytes
2017-09-10 08:11:32 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2017-09-10 08:11:10 ----D---- C:\ProgramData
2017-09-10 08:06:31 ----D---- C:\Windows\Logs
2017-09-10 08:06:30 ----D---- C:\Windows\Minidump
2017-09-10 07:57:02 ----D---- C:\Program Files\Kingo Android ROOT
2017-09-10 07:55:55 ----SD---- C:\ProgramData\Microsoft
2017-09-10 07:55:55 ----D---- C:\Program Files\Microsoft
2017-09-09 22:58:04 ----D---- C:\Windows\system32\Tasks
2017-09-09 10:14:34 ----D---- C:\Users\Honza\AppData\Roaming\PeaZip
2017-09-08 22:28:13 ----D---- C:\Windows\system32\migration
2017-09-08 22:28:04 ----D---- C:\Windows\system32\DriverStore
2017-09-06 19:18:36 ----D---- C:\Program Files\Mozilla Maintenance Service
2017-09-06 17:56:45 ----D---- C:\Program Files\Mozilla Firefox
2017-09-06 17:22:19 ----HD---- C:\Program Files\InstallShield Installation Information
2017-09-01 07:44:17 ----SD---- C:\Users\Honza\AppData\Roaming\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2016-08-25 252808]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 RapportHades;RapportHades; C:\Windows\System32\Drivers\RapportHades.sys [2017-09-12 102880]
R0 RapportKELL;RapportKELL; C:\Windows\System32\Drivers\RapportKELL.sys [2017-09-12 263752]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\Windows\system32\drivers\mbae.sys [2017-08-24 59904]
R1 MpKsl1095d303;MpKsl1095d303; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{211AF511-4045-425C-99D4-BF0993F2133F}\MpKsl1095d303.sys [2017-09-21 39168]
R1 PersonalSecureDrive;PersonalSecureDrive; C:\Windows\System32\drivers\psd.sys [2013-08-26 39080]
R1 RapportAegle;RapportAegle; \??\C:\Program Files\Trusteer\Rapport\bin\RapportAegle.sys [2017-09-12 203080]
R1 RapportCerberus_1804074;RapportCerberus_1804074; \??\C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_1804074.sys [2017-09-18 846472]
R1 RapportEI;RapportEI; \??\C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys [2017-09-12 334912]
R1 RapportPG;RapportPG; \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys [2017-09-12 414440]
R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2010-11-29 70448]
R2 MBAMChameleon;MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [2017-09-10 166848]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2011-02-08 5120]
R3 ATSwpWDF;AuthenTec TruePrint WBF Driver; C:\Windows\system32\DRIVERS\ATSwpWDF.sys [2012-10-18 971752]
R3 IFXTPM;IFXTPM; C:\Windows\system32\DRIVERS\IFXTPM.SYS [2013-08-26 36608]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2013-03-29 2646088]
R3 MBAMFarflt;MBAMFarflt; C:\Windows\system32\DRIVERS\farflt.sys [2017-09-21 85440]
R3 MBAMProtection;MBAMProtection; \??\C:\Windows\system32\drivers\mbam.sys [2017-09-21 40352]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2017-09-21 221632]
R3 MBAMWebProtection;MBAMWebProtection; \??\C:\Windows\system32\drivers\mwac.sys [2017-09-21 65824]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\Windows\system32\drivers\MODEMCSA.sys [2009-07-14 18432]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2013-08-26 7680]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-14 4231168]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2016-08-25 105696]
R3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-02-11 4450816]
R3 rimvndis;BlackBerry Virtual Private Network; C:\Windows\System32\Drivers\rimvndis6.sys [2015-03-19 14848]
R3 RimVSerPort;RIM Virtual Serial Port v2; C:\Windows\system32\DRIVERS\RimSerial.sys [2012-12-10 35840]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 8192]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2011-06-10 394856]
R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2009-05-05 1095808]
R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam; C:\Windows\System32\Drivers\StkCMini.sys [2007-02-13 1245056]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2013-08-26 181304]
R3 toshidpt;Bluetooth HID Port; C:\Windows\system32\drivers\Toshidpt.sys [2009-06-19 9608]
R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2009-06-17 46984]
R3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2011-08-05 236728]
R3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2010-08-30 80064]
R3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2011-01-27 56888]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BioNTDrv;BioNTDrv; \??\C:\Program Files\Paragon Software\Partition Manager 2013 Free\program\BioNTDrv.SYS []
S3 blackberryncm;BlackBerryNCM Service; C:\Windows\system32\DRIVERS\blackberryncm6.sys [2014-09-08 22016]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 BtFilter;Bluetooth LowerFilter Class Filter Driver; C:\Windows\system32\DRIVERS\btfilter.sys [2013-04-16 40744]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\drivers\bthpan.sys [2017-07-06 94208]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 catchme;catchme; \??\C:\Users\Honza\AppData\Local\Temp\catchme.sys []
S3 dbx;dbx; C:\Windows\system32\DRIVERS\dbx.sys []
S3 DrvAgent32;DrvAgent32; \??\C:\Windows\system32\Drivers\DrvAgent32.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 39272]
S3 massfilter_hs;HS HandSet Mass Storage Filter Driver; \??\C:\Windows\system32\drivers\massfilter_hs.sys [2012-06-20 17672]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2013-01-23 18560]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2013-01-23 23168]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2012-10-17 19072]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 RimUsb;zařízení BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb.sys [2014-05-06 68608]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 SynMini;USB2.0 1.3M Web Cam; C:\Windows\System32\Drivers\SynMini.sys [2006-04-19 899712]
S3 SynScan;USB2.0 1.3M Web Cam Still Image; C:\Windows\System32\Drivers\SynScan.sys [2006-04-19 9216]
S3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2010-11-11 42672]
S3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2009-07-24 21608]
S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2010-04-26 53760]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2013-01-23 8192]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 15872]
S3 usbser;USB Modem Driver; C:\Windows\system32\DRIVERS\usbser.sys [2013-08-29 28160]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2013-01-23 8192]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-07-19 83032]
R2 ASLDRService;ASLDR Service; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [2007-02-05 94208]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2010-02-11 733184]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 DbxSvc;DbxSvc; C:\Windows\system32\DbxSvc.exe [2017-09-14 43336]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2013-08-02 500976]
R2 IFXSpMgtSrv;Security Platform Management Service; C:\Windows\system32\IFXSPMGT.exe [2013-08-26 661024]
R2 IFXTCS;Trusted Platform Core Service; C:\Windows\system32\IFXTCS.exe [2013-08-26 824864]
R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2017-08-21 4430792]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2016-11-14 103696]
R2 NAUpdate;@C:\Program Files\Nero\Update\NASvc.exe,-200; C:\Program Files\Nero\Update\NASvc.exe [2012-07-13 769432]
R2 PersonalSecureDriveService;Personal Secure Drive Service; C:\Windows\system32\IfxPsdSv.exe [2013-08-26 136736]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider; C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [2011-11-25 459832]
R2 RapportMgmtService;Rapport Management Service; C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe [2017-09-12 2350064]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2013-08-02 109296]
R2 RIM MDNS;RIM MDNS; C:\Program Files\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [2015-03-19 396024]
R2 RIM Tunnel Service;BlackBerry Link Communication Manager; C:\Program Files\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe [2015-03-19 1354488]
R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service; C:\Windows\System32\StkCSrv.exe [2007-02-07 24576]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2017-03-17 99704]
R3 BlackBerry Device Manager;BlackBerry Device Manager; C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [2014-10-31 588024]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2016-11-14 280864]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
R3 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2011-04-01 152496]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-04-21 107656]
S2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files\Dropbox\Update\DropboxUpdate.exe [2016-12-18 143144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-10 144200]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-09-12 272384]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2017-04-21 47224]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2014-08-19 85096]
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files\Dropbox\Update\DropboxUpdate.exe [2016-12-18 143144]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-10 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-08-13 104960]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2017-09-06 175568]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2013-08-02 242928]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-08-26 1343400]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118191
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Slow PC, WMI provider host??

#8 Post by Rudy »

Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.

visis
Visitor
Posts: 38
Registered: 24 Apr 2007 12:21

Re: Slow PC, WMI provider host??

#9 Post by visis »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Honza at 2017-09-21 19:44:54
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 122 GB (61%) free of 200 GB
Total RAM: 2559 MB (42% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:46:07, on 21.9.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18792)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Infineon\Security Platform Software\PSDrt.exe
C:\Program Files\ACD Systems\ACDSee Pro\6.0\ACDSeePro6InTouch2.exe
C:\Program Files\Infineon\Security Platform Software\SpTna.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe
C:\Program Files\Dropbox\Client\Dropbox.exe
C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Program Files\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe
C:\Program Files\Dropbox\Client\Dropbox.exe
C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files\Dropbox\Client\Dropbox.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\PC Connectivity Solution\Transports\NclToBTSrv.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Users\Honza\Downloads\RSIT (1).exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtBty.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe
C:\Program Files\trend micro\Honza.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [IFXSPMGT] C:\Windows\system32\IFXSPMGT.exe /NotifyLogon
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ACPW06EN] "C:\Program Files\ACD Systems\ACDSee Pro\6.0\ACDSeePro6InTouch2.exe" /pid ACPW06EN
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
O4 - HKLM\..\Run: [RIM PeerManager] "C:\Program Files\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe"
O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" -s
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe" --minimized
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: BlackBerry Device Manager - BlackBerry Limited - C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files\Dropbox\Update\DropboxUpdate.exe
O23 - Service: DbxSvc - Dropbox, Inc. - C:\Windows\system32\DbxSvc.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - C:\Windows\system32\IFXSPMGT.exe
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - C:\Windows\system32\IFXTCS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: Personal Secure Drive Service (PersonalSecureDriveService) - Infineon Technologies AG - C:\Windows\system32\IfxPsdSv.exe
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
O23 - Service: Rapport Management Service (RapportMgmtService) - IBM Corp. - C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: RIM MDNS - Apple Inc. - C:\Program Files\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe
O23 - Service: BlackBerry Link Communication Manager (RIM Tunnel Service) - BlackBerry Limited - C:\Program Files\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\Windows\System32\StkCSrv.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 10523 bytes

======Scheduled tasks folder======

C:\Windows\tasks\DropboxUpdateTaskMachineCore.job - C:\Program Files\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskMachineUA.job - C:\Program Files\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\6z4izsdo.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 27.0.0.130 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_27_0_0_130.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.40.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.40.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0]
"Description"=BlackBerry Web Software Loading Helper Plug-In for Mozilla browsers
"Path"=C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\6z4izsdo.default\extensions\
{0545b830-f0aa-4d7e-8820-50a4629a56fe}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-14 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files\Windows Live\Companion\companioncore.dll [2012-03-08 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-14 172968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATKMEDIA"=C:\Program Files\ASUS\ATK Media\DMEDIA.EXE [2006-11-02 61440]
"SMSERIAL"=C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [2009-05-05 1466368]
"IFXSPMGT"=C:\Windows\system32\IFXSPMGT.exe [2013-08-26 661024]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2016-11-14 1002984]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-08-26 815104]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2013-03-29 11930696]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-02-10 61440]
"ACPW06EN"=C:\Program Files\ACD Systems\ACDSee Pro\6.0\ACDSeePro6InTouch2.exe [2012-12-17 1135304]
"ITSecMng"=C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [2011-04-01 80840]
"PMBVolumeWatcher"=C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2011-11-25 688184]
"Dropbox"=C:\Program Files\Dropbox\Client\Dropbox.exe [2017-09-14 3487032]
"RIMBBLaunchAgent.exe"=C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [2014-10-31 443640]
"RIM PeerManager"=C:\Program Files\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe [2015-03-19 4861688]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"NokiaSuite.exe"=C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [2014-11-19 1092448]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2016-02-12 6638296]
"TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2017-03-17 254840]
"Free Download Manager"=C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe --minimized []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave1"=serwvdrv.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.siren"=sirenacm.dll
"VIDC.I420"=MSh263.drv
"wave2"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2017-09-21 19:35:56 ----D---- C:\_OTM
2017-09-18 20:24:39 ----A---- C:\Windows\system32\drivers\farflt.sys
2017-09-18 20:07:50 ----D---- C:\AdwCleaner
2017-09-17 16:01:47 ----D---- C:\rsit
2017-09-17 16:01:47 ----D---- C:\Program Files\trend micro
2017-09-16 22:24:40 ----A---- C:\Windows\system32\mshtml.dll
2017-09-16 22:24:39 ----A---- C:\Windows\system32\ieframe.dll
2017-09-16 22:24:38 ----A---- C:\Windows\system32\jscript9.dll
2017-09-16 22:24:37 ----A---- C:\Windows\system32\wininet.dll
2017-09-16 22:24:37 ----A---- C:\Windows\system32\win32k.sys
2017-09-16 22:24:37 ----A---- C:\Windows\system32\iertutil.dll
2017-09-16 22:24:36 ----A---- C:\Windows\system32\vbscript.dll
2017-09-16 22:24:36 ----A---- C:\Windows\system32\shell32.dll
2017-09-16 22:24:36 ----A---- C:\Windows\system32\msfeeds.dll
2017-09-16 22:24:35 ----A---- C:\Windows\system32\urlmon.dll
2017-09-16 22:24:35 ----A---- C:\Windows\system32\ntoskrnl.exe
2017-09-16 22:24:35 ----A---- C:\Windows\system32\ntkrnlpa.exe
2017-09-16 22:24:35 ----A---- C:\Windows\system32\mmcndmgr.dll
2017-09-16 22:24:34 ----A---- C:\Windows\system32\mmc.exe
2017-09-16 22:24:34 ----A---- C:\Windows\system32\localspl.dll
2017-09-16 22:24:34 ----A---- C:\Windows\system32\iedkcs32.dll
2017-09-16 22:24:33 ----A---- C:\Windows\system32\Wldap32.dll
2017-09-16 22:24:33 ----A---- C:\Windows\system32\win32spl.dll
2017-09-16 22:24:33 ----A---- C:\Windows\system32\usp10.dll
2017-09-16 22:24:33 ----A---- C:\Windows\system32\mshtmled.dll
2017-09-16 22:24:33 ----A---- C:\Windows\system32\ie4uinit.exe
2017-09-16 22:24:32 ----A---- C:\Windows\system32\ntprint.dll
2017-09-16 22:24:32 ----A---- C:\Windows\system32\nsisvc.dll
2017-09-16 22:24:32 ----A---- C:\Windows\system32\drivers\netbt.sys
2017-09-16 22:24:31 ----A---- C:\Windows\system32\ntdll.dll
2017-09-16 22:24:31 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2017-09-16 22:24:31 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2017-09-16 22:24:31 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2017-09-16 22:24:30 ----A---- C:\Windows\system32\drivers\srvnet.sys
2017-09-16 22:24:30 ----A---- C:\Windows\system32\drivers\nsiproxy.sys
2017-09-16 22:24:30 ----A---- C:\Windows\system32\cic.dll
2017-09-16 22:24:29 ----A---- C:\Windows\system32\mmcshext.dll
2017-09-16 22:24:29 ----A---- C:\Windows\system32\mmcbase.dll
2017-09-16 22:24:29 ----A---- C:\Windows\system32\dxtrans.dll
2017-09-16 22:24:28 ----A---- C:\Windows\system32\webcheck.dll
2017-09-16 22:24:28 ----A---- C:\Windows\system32\msrating.dll
2017-09-16 22:24:28 ----A---- C:\Windows\system32\dxtmsft.dll
2017-09-16 22:24:27 ----A---- C:\Windows\system32\shdocvw.dll
2017-09-16 22:24:27 ----A---- C:\Windows\system32\MshtmlDac.dll
2017-09-16 22:24:26 ----A---- C:\Windows\system32\winnsi.dll
2017-09-16 22:24:26 ----A---- C:\Windows\system32\mshtmlmedia.dll
2017-09-16 22:24:26 ----A---- C:\Windows\system32\ieui.dll
2017-09-16 22:24:25 ----A---- C:\Windows\system32\occache.dll
2017-09-16 22:24:25 ----A---- C:\Windows\system32\jscript9diag.dll
2017-09-16 22:24:25 ----A---- C:\Windows\system32\ieUnatt.exe
2017-09-16 22:24:25 ----A---- C:\Windows\system32\iesetup.dll
2017-09-16 22:24:24 ----A---- C:\Windows\system32\nsi.dll
2017-09-16 22:24:24 ----A---- C:\Windows\system32\jsproxy.dll
2017-09-16 22:24:24 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-09-16 22:24:24 ----A---- C:\Windows\system32\inseng.dll
2017-09-16 22:24:24 ----A---- C:\Windows\system32\iernonce.dll
2017-09-16 22:24:24 ----A---- C:\Windows\system32\ieetwproxystub.dll
2017-09-16 22:24:24 ----A---- C:\Windows\system32\ieetwcollector.exe
2017-09-16 22:24:23 ----A---- C:\Windows\system32\smss.exe
2017-09-16 22:24:23 ----A---- C:\Windows\system32\rpcss.dll
2017-09-16 22:24:23 ----A---- C:\Windows\system32\rpcrt4.dll
2017-09-16 22:24:23 ----A---- C:\Windows\system32\ole32.dll
2017-09-16 22:24:23 ----A---- C:\Windows\system32\ntprint.exe
2017-09-16 22:24:23 ----A---- C:\Windows\system32\netbtugc.exe
2017-09-16 22:24:23 ----A---- C:\Windows\system32\kerberos.dll
2017-09-16 22:24:23 ----A---- C:\Windows\system32\jscript.dll
2017-09-16 22:24:23 ----A---- C:\Windows\system32\ieapfltr.dll
2017-09-16 22:24:23 ----A---- C:\Windows\system32\drivers\srv2.sys
2017-09-16 22:24:23 ----A---- C:\Windows\system32\drivers\srv.sys
2017-09-16 22:24:23 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2017-09-16 22:24:23 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2017-09-16 22:24:23 ----A---- C:\Windows\system32\advapi32.dll
2017-09-16 22:24:22 ----A---- C:\Windows\system32\winsrv.dll
2017-09-16 22:24:22 ----A---- C:\Windows\system32\srcore.dll
2017-09-16 22:24:22 ----A---- C:\Windows\system32\schannel.dll
2017-09-16 22:24:22 ----A---- C:\Windows\system32\msv1_0.dll
2017-09-16 22:24:22 ----A---- C:\Windows\system32\lsasrv.dll
2017-09-16 22:24:22 ----A---- C:\Windows\system32\KernelBase.dll
2017-09-16 22:24:22 ----A---- C:\Windows\system32\inetpp.dll
2017-09-16 22:24:22 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2017-09-16 22:24:22 ----A---- C:\Windows\system32\ExplorerFrame.dll
2017-09-16 22:24:21 ----A---- C:\Windows\system32\wpnpinst.exe
2017-09-16 22:24:21 ----A---- C:\Windows\system32\wdigest.dll
2017-09-16 22:24:21 ----A---- C:\Windows\system32\TSpkg.dll
2017-09-16 22:24:21 ----A---- C:\Windows\system32\sspicli.dll
2017-09-16 22:24:21 ----A---- C:\Windows\system32\srclient.dll
2017-09-16 22:24:21 ----A---- C:\Windows\system32\setbcdlocale.dll
2017-09-16 22:24:21 ----A---- C:\Windows\system32\secur32.dll
2017-09-16 22:24:21 ----A---- C:\Windows\system32\rstrui.exe
2017-09-16 22:24:21 ----A---- C:\Windows\system32\rpchttp.dll
2017-09-16 22:24:21 ----A---- C:\Windows\system32\ncrypt.dll
2017-09-16 22:24:21 ----A---- C:\Windows\system32\lsass.exe
2017-09-16 22:24:21 ----A---- C:\Windows\system32\kernel32.dll
2017-09-16 22:24:21 ----A---- C:\Windows\system32\inetppui.dll
2017-09-16 22:24:21 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2017-09-16 22:24:21 ----A---- C:\Windows\system32\drivers\appid.sys
2017-09-16 22:24:21 ----A---- C:\Windows\system32\csrsrv.dll
2017-09-16 22:24:21 ----A---- C:\Windows\system32\cryptbase.dll
2017-09-16 22:24:21 ----A---- C:\Windows\system32\credssp.dll
2017-09-16 22:24:21 ----A---- C:\Windows\system32\conhost.exe
2017-09-16 22:24:21 ----A---- C:\Windows\system32\bcrypt.dll
2017-09-16 22:24:21 ----A---- C:\Windows\system32\appidsvc.dll
2017-09-16 22:24:21 ----A---- C:\Windows\system32\appidapi.dll
2017-09-16 22:24:21 ----A---- C:\Windows\system32\apisetschema.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-09-16 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-09-16 22:24:20 ----A---- C:\Windows\system32\sspisrv.dll
2017-09-16 22:24:20 ----A---- C:\Windows\system32\comcat.dll
2017-09-16 22:24:20 ----A---- C:\Windows\system32\auditpol.exe
2017-09-16 22:24:20 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2017-09-16 22:24:20 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2017-09-16 22:24:19 ----A---- C:\Windows\system32\PrintBrmUi.exe
2017-09-16 22:24:19 ----A---- C:\Windows\system32\oleres.dll
2017-09-16 22:24:19 ----A---- C:\Windows\system32\msobjs.dll
2017-09-16 22:24:19 ----A---- C:\Windows\system32\msaudite.dll
2017-09-16 22:24:19 ----A---- C:\Windows\system32\adtschema.dll
2017-09-14 23:41:12 ----A---- C:\Windows\system32\drivers\dbx-stable.sys
2017-09-14 23:41:12 ----A---- C:\Windows\system32\drivers\dbx-dev.sys
2017-09-14 23:41:12 ----A---- C:\Windows\system32\drivers\dbx-canary.sys
2017-09-14 23:41:12 ----A---- C:\Windows\system32\DbxSvc.exe
2017-09-12 14:27:26 ----A---- C:\Windows\system32\drivers\RapportKELL.sys
2017-09-12 14:27:26 ----A---- C:\Windows\system32\drivers\RapportHades.sys
2017-09-10 08:13:10 ----A---- C:\Windows\system32\drivers\MBAMChameleon.sys
2017-09-10 08:13:06 ----A---- C:\Windows\system32\drivers\mwac.sys
2017-09-10 08:12:48 ----A---- C:\Windows\system32\drivers\mbam.sys
2017-09-10 08:12:35 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2017-09-10 08:12:11 ----A---- C:\Windows\system32\drivers\mbae.sys
2017-09-10 08:11:32 ----D---- C:\Program Files\Malwarebytes
2017-09-10 08:11:10 ----D---- C:\ProgramData\MB2Migration
2017-09-08 21:24:29 ----A---- C:\Windows\system32\msrepl40.dll
2017-09-08 21:24:29 ----A---- C:\Windows\system32\msrd3x40.dll
2017-09-08 21:24:29 ----A---- C:\Windows\system32\msrd2x40.dll
2017-09-08 21:24:29 ----A---- C:\Windows\system32\msjtes40.dll
2017-09-08 21:24:29 ----A---- C:\Windows\system32\msjetoledb40.dll
2017-09-08 21:24:29 ----A---- C:\Windows\system32\msjet40.dll
2017-09-08 21:24:28 ----A---- C:\Windows\system32\msxbde40.dll
2017-09-08 21:24:28 ----A---- C:\Windows\system32\mspbde40.dll
2017-09-08 21:24:28 ----A---- C:\Windows\system32\msltus40.dll
2017-09-08 21:24:28 ----A---- C:\Windows\system32\msexcl40.dll
2017-09-08 21:24:28 ----A---- C:\Windows\system32\DXPTaskRingtone.dll
2017-09-08 21:24:28 ----A---- C:\Windows\system32\drivers\tcpip.sys
2017-09-08 21:24:28 ----A---- C:\Windows\system32\drivers\ntfs.sys
2017-09-08 21:24:26 ----A---- C:\Windows\system32\tquery.dll
2017-09-08 21:24:25 ----A---- C:\Windows\system32\wdc.dll
2017-09-08 21:24:25 ----A---- C:\Windows\system32\Query.dll
2017-09-08 21:24:25 ----A---- C:\Windows\system32\mswstr10.dll
2017-09-08 21:24:25 ----A---- C:\Windows\system32\mswdat10.dll
2017-09-08 21:24:25 ----A---- C:\Windows\system32\mssrch.dll
2017-09-08 21:24:25 ----A---- C:\Windows\system32\msjter40.dll
2017-09-08 21:24:25 ----A---- C:\Windows\system32\msjint40.dll
2017-09-08 21:24:24 ----A---- C:\Windows\system32\msinfo32.exe
2017-09-08 21:24:24 ----A---- C:\Windows\system32\drivers\netio.sys
2017-09-08 21:24:24 ----A---- C:\Windows\system32\drivers\http.sys
2017-09-08 21:24:24 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2017-09-08 21:24:24 ----A---- C:\Windows\system32\clfs.sys
2017-09-08 21:24:23 ----A---- C:\Windows\system32\wer.dll
2017-09-08 21:24:23 ----A---- C:\Windows\system32\t2embed.dll
2017-09-08 21:24:23 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2017-09-08 21:24:23 ----A---- C:\Windows\system32\SearchIndexer.exe
2017-09-08 21:24:23 ----A---- C:\Windows\system32\mssph.dll
2017-09-08 21:24:23 ----A---- C:\Windows\system32\drivers\volmgrx.sys
2017-09-08 21:24:23 ----A---- C:\Windows\system32\drivers\bthpan.sys
2017-09-08 21:24:22 ----A---- C:\Windows\system32\wvc.dll
2017-09-08 21:24:22 ----A---- C:\Windows\system32\wermgr.exe
2017-09-08 21:24:22 ----A---- C:\Windows\system32\werdiagcontroller.dll
2017-09-08 21:24:22 ----A---- C:\Windows\system32\SearchFilterHost.exe
2017-09-08 21:24:22 ----A---- C:\Windows\system32\perfmon.exe
2017-09-08 21:24:22 ----A---- C:\Windows\system32\pdhui.dll
2017-09-08 21:24:22 ----A---- C:\Windows\system32\mssvp.dll
2017-09-08 21:24:22 ----A---- C:\Windows\system32\mssphtb.dll
2017-09-08 21:24:22 ----A---- C:\Windows\system32\mssitlb.dll
2017-09-08 21:24:22 ----A---- C:\Windows\system32\msscntrs.dll
2017-09-08 21:24:22 ----A---- C:\Windows\system32\drivers\tdx.sys
2017-09-08 21:24:21 ----A---- C:\Windows\system32\resmon.exe
2017-09-08 21:24:21 ----A---- C:\Windows\system32\mssprxy.dll
2017-09-08 21:24:20 ----A---- C:\Windows\system32\msshooks.dll
2017-09-08 21:24:19 ----A---- C:\Windows\system32\mstext40.dll
2017-09-08 21:24:19 ----A---- C:\Windows\system32\msexch40.dll
2017-09-06 20:48:52 ----D---- C:\Users\Honza\AppData\Roaming\PhoenixRC
2017-09-06 17:31:18 ----A---- C:\Windows\system32\XAudio2_7.dll
2017-09-06 17:31:18 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2017-09-06 17:31:17 ----A---- C:\Windows\system32\xactengine3_7.dll
2017-09-06 17:31:17 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2017-09-06 17:31:16 ----A---- C:\Windows\system32\d3dcsx_43.dll
2017-09-06 17:31:15 ----A---- C:\Windows\system32\d3dx11_43.dll
2017-09-06 17:31:15 ----A---- C:\Windows\system32\d3dx10_43.dll
2017-09-06 17:31:13 ----A---- C:\Windows\system32\D3DX9_43.dll
2017-09-06 17:31:12 ----A---- C:\Windows\system32\XAudio2_6.dll
2017-09-06 17:31:12 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2017-09-06 17:31:11 ----A---- C:\Windows\system32\xactengine3_6.dll
2017-09-06 17:31:11 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2017-09-06 17:31:10 ----A---- C:\Windows\system32\xactengine3_5.dll
2017-09-06 17:31:09 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2017-09-06 17:31:08 ----A---- C:\Windows\system32\d3dx11_42.dll
2017-09-06 17:31:08 ----A---- C:\Windows\system32\d3dcsx_42.dll
2017-09-06 17:31:07 ----A---- C:\Windows\system32\D3DX9_41.dll
2017-09-06 17:31:05 ----A---- C:\Windows\system32\XAudio2_4.dll
2017-09-06 17:31:05 ----A---- C:\Windows\system32\xactengine3_4.dll
2017-09-06 17:31:04 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2017-09-06 17:31:02 ----A---- C:\Windows\system32\d3dx10_40.dll
2017-09-06 17:31:02 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2017-09-06 17:31:01 ----A---- C:\Windows\system32\D3DX9_40.dll
2017-09-06 17:31:00 ----A---- C:\Windows\system32\XAudio2_3.dll
2017-09-06 17:31:00 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2017-09-06 17:30:59 ----A---- C:\Windows\system32\xactengine3_3.dll
2017-09-06 17:30:58 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2017-09-06 17:30:57 ----A---- C:\Windows\system32\XAudio2_2.dll
2017-09-06 17:30:57 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2017-09-06 17:30:55 ----A---- C:\Windows\system32\xactengine3_2.dll
2017-09-06 17:30:54 ----A---- C:\Windows\system32\d3dx10_39.dll
2017-09-06 17:30:54 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2017-09-06 17:30:53 ----A---- C:\Windows\system32\D3DX9_39.dll
2017-09-06 17:30:52 ----A---- C:\Windows\system32\XAudio2_1.dll
2017-09-06 17:30:52 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2017-09-06 17:30:51 ----A---- C:\Windows\system32\xactengine3_1.dll
2017-09-06 17:30:50 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2017-09-06 17:30:49 ----A---- C:\Windows\system32\d3dx10_38.dll
2017-09-06 17:30:49 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2017-09-06 17:30:48 ----A---- C:\Windows\system32\D3DX9_38.dll
2017-09-06 17:30:47 ----A---- C:\Windows\system32\XAudio2_0.dll
2017-09-06 17:30:46 ----A---- C:\Windows\system32\xactengine3_0.dll
2017-09-06 17:30:45 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2017-09-06 17:30:44 ----A---- C:\Windows\system32\d3dx10_37.dll
2017-09-06 17:30:44 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2017-09-06 17:30:43 ----A---- C:\Windows\system32\D3DX9_37.dll
2017-09-06 17:30:42 ----A---- C:\Windows\system32\xactengine2_10.dll
2017-09-06 17:30:40 ----A---- C:\Windows\system32\d3dx10_36.dll
2017-09-06 17:30:40 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2017-09-06 17:30:39 ----A---- C:\Windows\system32\d3dx9_36.dll
2017-09-06 17:30:37 ----A---- C:\Windows\system32\xactengine2_9.dll
2017-09-06 17:30:36 ----A---- C:\Windows\system32\d3dx10_35.dll
2017-09-06 17:30:36 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2017-09-06 17:30:34 ----A---- C:\Windows\system32\xactengine2_8.dll
2017-09-06 17:30:34 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2017-09-06 17:30:33 ----A---- C:\Windows\system32\d3dx10_34.dll
2017-09-06 17:30:33 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2017-09-06 17:30:31 ----A---- C:\Windows\system32\d3dx9_34.dll
2017-09-06 17:30:30 ----A---- C:\Windows\system32\xinput1_3.dll
2017-09-06 17:30:29 ----A---- C:\Windows\system32\xactengine2_7.dll
2017-09-06 17:30:28 ----A---- C:\Windows\system32\d3dx10_33.dll
2017-09-06 17:30:28 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2017-09-06 17:30:27 ----A---- C:\Windows\system32\d3dx9_33.dll
2017-09-06 17:30:25 ----A---- C:\Windows\system32\xactengine2_6.dll
2017-09-06 17:30:23 ----A---- C:\Windows\system32\xactengine2_5.dll
2017-09-06 17:30:22 ----A---- C:\Windows\system32\d3dx10.dll
2017-09-06 17:30:20 ----A---- C:\Windows\system32\xactengine2_4.dll
2017-09-06 17:30:20 ----A---- C:\Windows\system32\x3daudio1_1.dll
2017-09-06 17:30:19 ----A---- C:\Windows\system32\d3dx9_31.dll
2017-09-06 17:30:18 ----A---- C:\Windows\system32\xactengine2_3.dll
2017-09-06 17:30:17 ----A---- C:\Windows\system32\xinput1_2.dll
2017-09-06 17:30:16 ----A---- C:\Windows\system32\xactengine2_2.dll
2017-09-06 17:30:15 ----A---- C:\Windows\system32\xinput1_1.dll
2017-09-06 17:30:14 ----A---- C:\Windows\system32\xactengine2_1.dll
2017-09-06 17:30:12 ----A---- C:\Windows\system32\xactengine2_0.dll
2017-09-06 17:30:12 ----A---- C:\Windows\system32\x3daudio1_0.dll
2017-09-06 17:30:11 ----A---- C:\Windows\system32\d3dx9_29.dll
2017-09-06 17:30:10 ----A---- C:\Windows\system32\d3dx9_28.dll
2017-09-06 17:30:09 ----A---- C:\Windows\system32\d3dx9_27.dll
2017-09-06 17:30:08 ----A---- C:\Windows\system32\d3dx9_26.dll
2017-09-06 17:30:07 ----A---- C:\Windows\system32\d3dx9_25.dll
2017-09-06 17:30:05 ----A---- C:\Windows\system32\d3dx9_24.dll
2017-09-06 17:27:01 ----D---- C:\Windows\system32\directx
2017-09-06 17:22:23 ----D---- C:\Program Files\PhoenixRC

======List of files/folders modified in the last 1 month======

2017-09-21 19:45:00 ----D---- C:\Windows\temp
2017-09-21 19:39:56 ----D---- C:\Windows\system32\drivers
2017-09-21 19:38:42 ----A---- C:\Windows\system32\acovcnt.exe
2017-09-21 19:37:12 ----D---- C:\Windows\system32\config
2017-09-21 11:04:14 ----SHD---- C:\System Volume Information
2017-09-18 20:11:04 ----SHD---- C:\Windows\Installer
2017-09-17 16:01:47 ----RD---- C:\Program Files
2017-09-17 15:52:06 ----D---- C:\Windows\Microsoft.NET
2017-09-17 15:48:51 ----RSD---- C:\Windows\assembly
2017-09-17 15:39:35 ----D---- C:\Windows\System32
2017-09-17 15:39:35 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-09-17 15:39:34 ----D---- C:\Windows\inf
2017-09-17 15:33:21 ----D---- C:\Windows\winsxs
2017-09-17 15:29:12 ----D---- C:\Program Files\Internet Explorer
2017-09-17 15:29:11 ----D---- C:\Windows\system32\en-US
2017-09-17 15:29:11 ----D---- C:\Windows\system32\cs-CZ
2017-09-17 10:45:22 ----D---- C:\ProgramData\Microsoft Help
2017-09-17 10:44:42 ----A---- C:\Windows\win.ini
2017-09-16 22:41:12 ----D---- C:\Windows\system32\MRT
2017-09-16 22:30:27 ----D---- C:\Windows\debug
2017-09-16 22:30:09 ----AC---- C:\Windows\system32\MRT.exe
2017-09-16 22:14:47 ----D---- C:\Windows\system32\catroot2
2017-09-16 21:58:58 ----D---- C:\Windows
2017-09-16 13:43:55 ----D---- C:\Program Files\Dropbox
2017-09-12 19:50:29 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2017-09-12 19:50:13 ----D---- C:\Windows\system32\Macromed
2017-09-10 08:11:32 ----D---- C:\ProgramData\Malwarebytes
2017-09-10 08:11:32 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2017-09-10 08:11:10 ----D---- C:\ProgramData
2017-09-10 08:06:31 ----D---- C:\Windows\Logs
2017-09-10 08:06:30 ----D---- C:\Windows\Minidump
2017-09-10 07:57:02 ----D---- C:\Program Files\Kingo Android ROOT
2017-09-10 07:55:55 ----SD---- C:\ProgramData\Microsoft
2017-09-10 07:55:55 ----D---- C:\Program Files\Microsoft
2017-09-09 22:58:04 ----D---- C:\Windows\system32\Tasks
2017-09-09 10:14:34 ----D---- C:\Users\Honza\AppData\Roaming\PeaZip
2017-09-08 22:28:13 ----D---- C:\Windows\system32\migration
2017-09-08 22:28:04 ----D---- C:\Windows\system32\DriverStore
2017-09-06 19:18:36 ----D---- C:\Program Files\Mozilla Maintenance Service
2017-09-06 17:56:45 ----D---- C:\Program Files\Mozilla Firefox
2017-09-06 17:22:19 ----HD---- C:\Program Files\InstallShield Installation Information
2017-09-01 07:44:17 ----SD---- C:\Users\Honza\AppData\Roaming\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2016-08-25 252808]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 RapportHades;RapportHades; C:\Windows\System32\Drivers\RapportHades.sys [2017-09-12 102880]
R0 RapportKELL;RapportKELL; C:\Windows\System32\Drivers\RapportKELL.sys [2017-09-12 263752]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\Windows\system32\drivers\mbae.sys [2017-08-24 59904]
R1 MpKsla699cfd1;MpKsla699cfd1; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{211AF511-4045-425C-99D4-BF0993F2133F}\MpKsla699cfd1.sys [2017-09-21 39168]
R1 PersonalSecureDrive;PersonalSecureDrive; C:\Windows\System32\drivers\psd.sys [2013-08-26 39080]
R1 RapportAegle;RapportAegle; \??\C:\Program Files\Trusteer\Rapport\bin\RapportAegle.sys [2017-09-12 203080]
R1 RapportCerberus_1804074;RapportCerberus_1804074; \??\C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_1804074.sys [2017-09-18 846472]
R1 RapportEI;RapportEI; \??\C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys [2017-09-12 334912]
R1 RapportPG;RapportPG; \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys [2017-09-12 414440]
R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2010-11-29 70448]
R2 MBAMChameleon;MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [2017-09-10 166848]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2011-02-08 5120]
R3 ATSwpWDF;AuthenTec TruePrint WBF Driver; C:\Windows\system32\DRIVERS\ATSwpWDF.sys [2012-10-18 971752]
R3 IFXTPM;IFXTPM; C:\Windows\system32\DRIVERS\IFXTPM.SYS [2013-08-26 36608]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2013-03-29 2646088]
R3 MBAMFarflt;MBAMFarflt; C:\Windows\system32\DRIVERS\farflt.sys [2017-09-21 85440]
R3 MBAMProtection;MBAMProtection; \??\C:\Windows\system32\drivers\mbam.sys [2017-09-21 40352]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2017-09-21 221632]
R3 MBAMWebProtection;MBAMWebProtection; \??\C:\Windows\system32\drivers\mwac.sys [2017-09-21 65824]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\Windows\system32\drivers\MODEMCSA.sys [2009-07-14 18432]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2013-08-26 7680]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-14 4231168]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2016-08-25 105696]
R3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-02-11 4450816]
R3 rimvndis;BlackBerry Virtual Private Network; C:\Windows\System32\Drivers\rimvndis6.sys [2015-03-19 14848]
R3 RimVSerPort;RIM Virtual Serial Port v2; C:\Windows\system32\DRIVERS\RimSerial.sys [2012-12-10 35840]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 8192]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2011-06-10 394856]
R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2009-05-05 1095808]
R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam; C:\Windows\System32\Drivers\StkCMini.sys [2007-02-13 1245056]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2013-08-26 181304]
R3 toshidpt;Bluetooth HID Port; C:\Windows\system32\drivers\Toshidpt.sys [2009-06-19 9608]
R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2009-06-17 46984]
R3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2011-08-05 236728]
R3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2010-08-30 80064]
R3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2011-01-27 56888]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BioNTDrv;BioNTDrv; \??\C:\Program Files\Paragon Software\Partition Manager 2013 Free\program\BioNTDrv.SYS []
S3 blackberryncm;BlackBerryNCM Service; C:\Windows\system32\DRIVERS\blackberryncm6.sys [2014-09-08 22016]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 BtFilter;Bluetooth LowerFilter Class Filter Driver; C:\Windows\system32\DRIVERS\btfilter.sys [2013-04-16 40744]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\drivers\bthpan.sys [2017-07-06 94208]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 catchme;catchme; \??\C:\Users\Honza\AppData\Local\Temp\catchme.sys []
S3 dbx;dbx; C:\Windows\system32\DRIVERS\dbx.sys []
S3 DrvAgent32;DrvAgent32; \??\C:\Windows\system32\Drivers\DrvAgent32.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 39272]
S3 massfilter_hs;HS HandSet Mass Storage Filter Driver; \??\C:\Windows\system32\drivers\massfilter_hs.sys [2012-06-20 17672]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2013-01-23 18560]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2013-01-23 23168]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2012-10-17 19072]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 RimUsb;zařízení BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb.sys [2014-05-06 68608]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 SynMini;USB2.0 1.3M Web Cam; C:\Windows\System32\Drivers\SynMini.sys [2006-04-19 899712]
S3 SynScan;USB2.0 1.3M Web Cam Still Image; C:\Windows\System32\Drivers\SynScan.sys [2006-04-19 9216]
S3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2010-11-11 42672]
S3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2009-07-24 21608]
S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2010-04-26 53760]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2013-01-23 8192]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 15872]
S3 usbser;USB Modem Driver; C:\Windows\system32\DRIVERS\usbser.sys [2013-08-29 28160]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2013-01-23 8192]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-07-19 83032]
R2 ASLDRService;ASLDR Service; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [2007-02-05 94208]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2010-02-11 733184]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 DbxSvc;DbxSvc; C:\Windows\system32\DbxSvc.exe [2017-09-14 43336]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2013-08-02 500976]
R2 IFXSpMgtSrv;Security Platform Management Service; C:\Windows\system32\IFXSPMGT.exe [2013-08-26 661024]
R2 IFXTCS;Trusted Platform Core Service; C:\Windows\system32\IFXTCS.exe [2013-08-26 824864]
R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2017-08-21 4430792]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2016-11-14 103696]
R2 NAUpdate;@C:\Program Files\Nero\Update\NASvc.exe,-200; C:\Program Files\Nero\Update\NASvc.exe [2012-07-13 769432]
R2 PersonalSecureDriveService;Personal Secure Drive Service; C:\Windows\system32\IfxPsdSv.exe [2013-08-26 136736]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider; C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [2011-11-25 459832]
R2 RapportMgmtService;Rapport Management Service; C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe [2017-09-12 2350064]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2013-08-02 109296]
R2 RIM MDNS;RIM MDNS; C:\Program Files\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [2015-03-19 396024]
R2 RIM Tunnel Service;BlackBerry Link Communication Manager; C:\Program Files\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe [2015-03-19 1354488]
R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service; C:\Windows\System32\StkCSrv.exe [2007-02-07 24576]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2017-03-17 99704]
R3 BlackBerry Device Manager;BlackBerry Device Manager; C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [2014-10-31 588024]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2016-11-14 280864]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
R3 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2011-04-01 152496]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-04-21 107656]
S2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files\Dropbox\Update\DropboxUpdate.exe [2016-12-18 143144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-10 144200]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-09-12 272384]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2017-04-21 47224]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2014-08-19 85096]
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files\Dropbox\Update\DropboxUpdate.exe [2016-12-18 143144]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-10 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-08-13 104960]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2017-09-06 175568]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2013-08-02 242928]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-08-26 1343400]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118191
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Slow PC, WMI provider host??

#10 Post by Rudy »

OK. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Back up your important data (mail, contacts, documents, photos, videos, music, etc.) before disinfecting your PC. Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

visis
Visitor
Posts: 38
Registered: 24 Apr 2007 12:21

Re: Slow PC, WMI provider host??

#11 Post by visis »

Hello, subjectively I think the notebook has sped up a little, but it's still not right. WMI provider host still constantly loads the CPU at 10-30%, which it didn't use to. As a result the notebook runs hotter and the fan runs constantly...
I don't know whether I have some malware here; apart from it being slower I don't notice anything else...
Thank you :-)

Rudy
Site Admin
Posts: 118191
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Slow PC, WMI provider host??

#12 Post by Rudy »

Also try a full MBAM scan: http://www.malwarebytes.org/mbam.php . Post the log; do not delete anything beforehand.

visis
Visitor
Posts: 38
Registered: 24 Apr 2007 12:21

Re: Slow PC, WMI provider host??

#13 Post by visis »

Hello, after a longer silence I'm sending the MBAM log; it found nothing...
But I read that CCleaner is supposedly full of malware, so I uninstalled it as a precaution, and WMI provider host no longer starts and no longer loads the CPU. So it's probably solved, but it worries me whether that CCleaner really was infected...

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 07.10.17
Čas skenování: 12:11
Logovací soubor: e8c02406-ab47-11e7-b870-0018f32faa1c.json
Správce: Ano

-Informace o softwaru-
Verze: 3.2.2.2018
Verze komponentů: 1.0.188
Aktualizovat verzi balíku komponent: 1.0.2969
Licence: Bezplatný

-Systémová informace-
OS: Windows 7 Service Pack 1
CPU: x86
Systém souborů: NTFS
Uživatel: Honza-PC\Honza

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Výsledek: Dokončeno
Skenované objekty: 264464
Zjištěné hrozby: 0
(Nebyly zjištěny žádné škodlivé položky)
Hrozby umístěné do karantény: 0
(Nebyly zjištěny žádné škodlivé položky)
Uplynulý čas: 9 min, 36 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 0
(Nebyly zjištěny žádné škodlivé položky)

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)

Rudy
Site Admin
Posts: 118191
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Slow PC, WMI provider host??

#14 Post by Rudy »

The log is OK; you have no malware on the PC. There are several other possibilities. They are summarized here: https://translate.google.cz/translate?h ... rev=search . Try them.