PC virus removal, computer speed-up, and remote help via the neslape.cz service

Log check

#1 Post by mlzd »

I would like to ask for a check. Thanks! Zdenek.

Logfile of random's system information tool 1.10 (written by random/random)
Run by wow at 2016-04-19 20:51:11
Microsoft Windows 10 Home
System drive C: has 97 GB (48%) free of 199 GB
Total RAM: 3056 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:51:13, on 19.4.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0020)
Boot mode: Normal

Running processes:
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Altap Salamander\salamand.exe
C:\Program Files (x86)\Altap Salamander\utils\salmon.exe
C:\Program Files\trend micro\wow.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O3 - Toolbar: O2 SMSender - {24BCDA96-8FCB-4D3B-0500-000000000003} - mscoree.dll (file missing)
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [WD Drive Unlocker] C:\Program Files (x86)\Western Digital\WD Apps\WDDriveAutoUnlock.exe
O4 - HKLM\..\Run: [DriveUtilitiesHelper] C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
O4 - HKLM\..\Run: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\wow\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Poslat jako MMS - res://C:\Program Files (x86)\O2\SMSender\SMSender.E.186.dll/1003
O8 - Extra context menu item: Poslat jako SMS - res://C:\Program Files (x86)\O2\SMSender\SMSender.E.186.dll/1001
O8 - Extra context menu item: Poslat MMS na - res://C:\Program Files (x86)\O2\SMSender\SMSender.E.186.dll/1002
O8 - Extra context menu item: Poslat SMS na - res://C:\Program Files (x86)\O2\SMSender\SMSender.E.186.dll/1000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: WD Backup (WDBackup) - Western Digital Technologies, Inc. - C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
O23 - Service: WD Drive Manager (WDDriveService) - Western Digital Technologies, Inc. - C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8788 bytes

======Listing Processes======








winlogon.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-592037c8-8e19-4eb7-ac42-d6324f04fa60 -SystemEventPortName:HostProcess-9e1b3c2b-3958-4904-9143-ea8534ea30da -IoCancelEventPortName:HostProcess-f6665cb3-ea93-427f-899c-8fa84fb3d79e -NonStateChangingEventPortName:HostProcess-d24f0f0b-a3f4-4395-9abd-45b683f975c6 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:2e684f77-8f8a-4ad7-9852-621fb3a7161e -DeviceGroupId:WpdFsGroup
"C:\WINDOWS\system32\nvvsvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k apphost
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe"
C:\WINDOWS\system32\svchost.exe -k iissvcs
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\mqsvc.exe
"C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe"
"C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe"
C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
"C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe" -NetMsmqActivator
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
sihost.exe
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\Explorer.EXE
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"fontdrvhost.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
"C:\Program Files (x86)\Altap Salamander\salamand.exe"
"C:\Program Files (x86)\Altap Salamander\utils\salmon.exe" "SalmonB1" "czech.slg"
"C:\WINDOWS\system32\NOTEPAD.EXE" C:\rsit\log.txt


"D:\Programy\Safety\Viry_RSIT\RSITx64_2.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\wow\AppData\Roaming\Mozilla\Firefox\Profiles\2o4y19b7.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"jid1-r1tDuNiNb4SEww@jetpack"=C:\Program Files\AVAST Software\Avast\pam\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.213 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.213 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{24BCDA96-8FCB-4D3B-0500-000000000003} - O2 SMSender - C:\WINDOWS\system32\mscoree.dll [2015-10-30 396288]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"snpstd3"=C:\WINDOWS\vsnpstd3.exe [2006-09-18 843776]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\wow\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-02-22 551112]
"Zoner Photo Studio Autoupdate"=C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [2015-07-12 563416]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14 1085656]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvBackend]
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShadowPlay]
C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-04-16 7390608]
"WD Drive Unlocker"=C:\Program Files (x86)\Western Digital\WD Apps\WDDriveAutoUnlock.exe [2011-12-16 1687968]
"DriveUtilitiesHelper"=C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [2015-07-31 1890664]
"WD Quick View"=C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [2015-07-20 5564784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - "C:\Program Files (x86)\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1"
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-04-19 14:22:18 ----A---- C:\TDSSKiller.3.1.0.9_19.04.2016_14.22.18_log.txt
2016-04-16 09:12:35 ----A---- C:\WINDOWS\system32\drivers\aswKbd.sys
2016-04-16 09:12:23 ----A---- C:\WINDOWS\system32\aswBoot.exe
2016-04-16 09:12:10 ----A---- C:\WINDOWS\avastSS.scr
2016-04-14 12:40:59 ----D---- C:\WINDOWS\PCHEALTH
2016-04-13 15:35:12 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-04-13 15:35:10 ----A---- C:\WINDOWS\system32\edgehtml.dll
2016-04-13 15:34:54 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-04-13 15:34:52 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2016-04-13 15:34:47 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2016-04-13 15:34:43 ----A---- C:\WINDOWS\system32\twinui.dll
2016-04-13 15:34:40 ----A---- C:\WINDOWS\system32\Chakra.dll
2016-04-13 15:34:38 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-04-13 15:34:37 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2016-04-13 15:34:36 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2016-04-13 15:34:35 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-04-13 15:34:33 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-04-13 15:34:32 ----A---- C:\WINDOWS\system32\win32kfull.sys
2016-04-13 15:34:32 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-04-13 15:34:31 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2016-04-13 15:34:30 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2016-04-13 15:34:29 ----A---- C:\WINDOWS\system32\audiosrv.dll
2016-04-13 15:34:28 ----A---- C:\WINDOWS\system32\wuaueng.dll
2016-04-13 15:34:28 ----A---- C:\WINDOWS\system32\wininet.dll
2016-04-13 15:34:28 ----A---- C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-04-13 15:34:27 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2016-04-13 15:34:27 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-13 15:34:26 ----A---- C:\WINDOWS\system32\LicenseManager.dll
2016-04-13 15:34:25 ----A---- C:\WINDOWS\system32\esent.dll
2016-04-13 15:34:24 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2016-04-13 15:34:24 ----A---- C:\WINDOWS\system32\dosvc.dll
2016-04-13 15:34:24 ----A---- C:\WINDOWS\system32\BingMaps.dll
2016-04-13 15:34:23 ----A---- C:\WINDOWS\SYSWOW64\esent.dll
2016-04-13 15:34:23 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-04-13 15:34:22 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.dll
2016-04-13 15:34:22 ----A---- C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-04-13 15:34:22 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-04-13 15:34:22 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-04-13 15:34:21 ----A---- C:\WINDOWS\system32\winload.exe
2016-04-13 15:34:21 ----A---- C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-04-13 15:34:21 ----A---- C:\WINDOWS\system32\InputService.dll
2016-04-13 15:34:20 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Logon.dll
2016-04-13 15:34:20 ----A---- C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-04-13 15:34:20 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2016-04-13 15:34:19 ----A---- C:\WINDOWS\system32\XblAuthManager.dll
2016-04-13 15:34:19 ----A---- C:\WINDOWS\system32\win32kbase.sys
2016-04-13 15:34:18 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2016-04-13 15:34:18 ----A---- C:\WINDOWS\SYSWOW64\LicenseManager.dll
2016-04-13 15:34:18 ----A---- C:\WINDOWS\system32\bisrv.dll
2016-04-13 15:34:17 ----A---- C:\WINDOWS\system32\RDXService.dll
2016-04-13 15:34:15 ----A---- C:\WINDOWS\SYSWOW64\CoreUIComponents.dll
2016-04-13 15:34:15 ----A---- C:\WINDOWS\system32\winresume.exe
2016-04-13 15:34:15 ----A---- C:\WINDOWS\system32\SRHInproc.dll
2016-04-13 15:34:14 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2016-04-13 15:34:14 ----A---- C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-04-13 15:34:13 ----A---- C:\WINDOWS\system32\tileobjserver.dll
2016-04-13 15:34:13 ----A---- C:\WINDOWS\system32\MapsStore.dll
2016-04-13 15:34:12 ----A---- C:\WINDOWS\system32\NetSetupEngine.dll
2016-04-13 15:34:12 ----A---- C:\WINDOWS\system32\MapControlCore.dll
2016-04-13 15:34:12 ----A---- C:\WINDOWS\system32\audiodg.exe
2016-04-13 15:34:11 ----A---- C:\WINDOWS\SYSWOW64\Windows.Web.Http.dll
2016-04-13 15:34:11 ----A---- C:\WINDOWS\system32\SRH.dll
2016-04-13 15:34:11 ----A---- C:\WINDOWS\system32\NetSetupShim.dll
2016-04-13 15:34:11 ----A---- C:\WINDOWS\system32\AccountsRt.dll
2016-04-13 15:34:10 ----A---- C:\WINDOWS\SYSWOW64\AccountsRt.dll
2016-04-13 15:34:10 ----A---- C:\WINDOWS\system32\wwansvc.dll
2016-04-13 15:34:10 ----A---- C:\WINDOWS\system32\TokenBroker.dll
2016-04-13 15:34:10 ----A---- C:\WINDOWS\system32\LockAppHost.exe
2016-04-13 15:34:09 ----A---- C:\WINDOWS\SYSWOW64\RemoteNaturalLanguage.dll
2016-04-13 15:34:09 ----A---- C:\WINDOWS\system32\msxml3.dll
2016-04-13 15:34:09 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2016-04-13 15:34:09 ----A---- C:\WINDOWS\system32\dwmcore.dll
2016-04-13 15:34:09 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2016-04-13 15:34:08 ----A---- C:\WINDOWS\SYSWOW64\LockAppHost.exe
2016-04-13 15:34:08 ----A---- C:\WINDOWS\SYSWOW64\BingMaps.dll
2016-04-13 15:34:08 ----A---- C:\WINDOWS\system32\NMAA.dll
2016-04-13 15:34:08 ----A---- C:\WINDOWS\system32\msv1_0.dll
2016-04-13 15:34:08 ----A---- C:\WINDOWS\system32\MessagingDataModel2.dll
2016-04-13 15:34:07 ----A---- C:\WINDOWS\SYSWOW64\NetSetupShim.dll
2016-04-13 15:34:07 ----A---- C:\WINDOWS\system32\PhoneProviders.dll
2016-04-13 15:34:07 ----A---- C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-04-13 15:34:07 ----A---- C:\WINDOWS\system32\MapConfiguration.dll
2016-04-13 15:34:06 ----A---- C:\WINDOWS\system32\Windows.Web.Http.dll
2016-04-13 15:34:06 ----A---- C:\WINDOWS\system32\SensorService.dll
2016-04-13 15:34:06 ----A---- C:\WINDOWS\system32\RDXTaskFactory.dll
2016-04-13 15:34:06 ----A---- C:\WINDOWS\system32\lsasrv.dll
2016-04-13 15:34:05 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2016-04-13 15:34:04 ----A---- C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-04-13 15:34:04 ----A---- C:\WINDOWS\system32\UIAutomationCore.dll
2016-04-13 15:34:03 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Cred.dll
2016-04-13 15:34:03 ----A---- C:\WINDOWS\SYSWOW64\NetSetupEngine.dll
2016-04-13 15:34:02 ----A---- C:\WINDOWS\SYSWOW64\MapControlCore.dll
2016-04-13 15:34:02 ----A---- C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-04-13 15:34:02 ----A---- C:\WINDOWS\system32\StoreAgent.dll
2016-04-13 15:34:02 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2016-04-13 15:34:01 ----A---- C:\WINDOWS\SYSWOW64\InputService.dll
2016-04-13 15:34:01 ----A---- C:\WINDOWS\system32\SharedStartModel.dll
2016-04-13 15:34:01 ----A---- C:\WINDOWS\system32\kerberos.dll
2016-04-13 15:33:58 ----A---- C:\WINDOWS\system32\JpMapControl.dll
2016-04-13 15:33:57 ----A---- C:\WINDOWS\SYSWOW64\UIAutomationCore.dll
2016-04-13 15:33:57 ----A---- C:\WINDOWS\SYSWOW64\SRHInproc.dll
2016-04-13 15:33:57 ----A---- C:\WINDOWS\system32\wuapi.dll
2016-04-13 15:33:57 ----A---- C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-04-13 15:33:57 ----A---- C:\WINDOWS\system32\bdesvc.dll
2016-04-13 15:33:56 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2016-04-13 15:33:56 ----A---- C:\WINDOWS\system32\StorSvc.dll
2016-04-13 15:33:56 ----A---- C:\WINDOWS\system32\NetSetupSvc.dll
2016-04-13 15:33:56 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2016-04-13 15:33:55 ----A---- C:\WINDOWS\SYSWOW64\StoreAgent.dll
2016-04-13 15:33:55 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2016-04-13 15:33:55 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2016-04-13 15:33:55 ----A---- C:\WINDOWS\system32\atmfd.dll
2016-04-13 15:33:54 ----A---- C:\WINDOWS\SYSWOW64\msxml3.dll
2016-04-13 15:33:54 ----A---- C:\WINDOWS\system32\TextInputFramework.dll
2016-04-13 15:33:54 ----A---- C:\WINDOWS\system32\dmenrollengine.dll
2016-04-13 15:33:54 ----A---- C:\WINDOWS\system32\CredProvDataModel.dll
2016-04-13 15:33:53 ----A---- C:\WINDOWS\SYSWOW64\TokenBroker.dll
2016-04-13 15:33:53 ----A---- C:\WINDOWS\SYSWOW64\SRH.dll
2016-04-13 15:33:53 ----A---- C:\WINDOWS\system32\Windows.Web.dll
2016-04-13 15:33:52 ----A---- C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-04-13 15:33:52 ----A---- C:\WINDOWS\system32\msi.dll
2016-04-13 15:33:52 ----A---- C:\WINDOWS\system32\drivers\ufx01000.sys
2016-04-13 15:33:52 ----A---- C:\WINDOWS\system32\dnsapi.dll
2016-04-13 15:33:51 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Speech.dll
2016-04-13 15:33:51 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2016-04-13 15:33:51 ----A---- C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-04-13 15:33:51 ----A---- C:\WINDOWS\system32\dafBth.dll
2016-04-13 15:33:50 ----A---- C:\WINDOWS\SYSWOW64\MsSpellCheckingFacility.dll
2016-04-13 15:33:50 ----A---- C:\WINDOWS\SYSWOW64\MessagingDataModel2.dll
2016-04-13 15:33:50 ----A---- C:\WINDOWS\SYSWOW64\dnsapi.dll
2016-04-13 15:33:50 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2016-04-13 15:33:50 ----A---- C:\WINDOWS\system32\AppxSysprep.dll
2016-04-13 15:33:49 ----A---- C:\WINDOWS\SYSWOW64\Windows.Web.dll
2016-04-13 15:33:49 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Input.Inking.dll
2016-04-13 15:33:49 ----A---- C:\WINDOWS\system32\drivers\USBXHCI.SYS
2016-04-13 15:33:48 ----A---- C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-04-13 15:33:48 ----A---- C:\WINDOWS\system32\storewuauth.dll
2016-04-13 15:33:48 ----A---- C:\WINDOWS\system32\profsvc.dll
2016-04-13 15:33:48 ----A---- C:\WINDOWS\system32\moshostcore.dll
2016-04-13 15:33:48 ----A---- C:\WINDOWS\system32\LsaIso.exe
2016-04-13 15:33:48 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2016-04-13 15:33:48 ----A---- C:\WINDOWS\system32\AboveLockAppHost.dll
2016-04-13 15:33:47 ----A---- C:\WINDOWS\SYSWOW64\policymanager.dll
2016-04-12 14:15:21 ----D---- C:\TEMP
2016-04-08 00:55:20 ----A---- C:\WINDOWS\SYSWOW64\WDPABKP.dat
2016-04-06 15:46:44 ----D---- C:\ProgramData\Apple
2016-04-06 15:46:25 ----D---- C:\Users\wow\AppData\Roaming\5kplayer
2016-03-30 12:59:55 ----RD---- C:\Program Files (x86)\Skype

======List of files/folders modified in the last 1 month======

2016-04-19 20:51:12 ----D---- C:\Program Files\trend micro
2016-04-19 20:46:11 ----D---- C:\WINDOWS\Prefetch
2016-04-19 20:35:50 ----D---- C:\WINDOWS\System32
2016-04-19 20:35:50 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-04-19 20:35:49 ----D---- C:\WINDOWS\INF
2016-04-19 20:32:17 ----D---- C:\WINDOWS\SoftwareDistribution
2016-04-19 20:32:16 ----D---- C:\Windows
2016-04-19 20:31:50 ----D---- C:\WINDOWS\Temp
2016-04-19 20:31:28 ----D---- C:\WINDOWS\SysWOW64
2016-04-19 20:31:10 ----D---- C:\WINDOWS\system32\sru
2016-04-19 20:30:59 ----D---- C:\ProgramData\NVIDIA
2016-04-19 20:21:36 ----AD---- C:\Program Files\RogueKiller
2016-04-19 20:01:38 ----D---- C:\WINDOWS\system32\drivers
2016-04-19 19:54:59 ----D---- C:\WINDOWS\AppReadiness
2016-04-19 19:54:58 ----HD---- C:\Program Files\WindowsApps
2016-04-19 19:52:50 ----D---- C:\WINDOWS\system32\config
2016-04-19 19:37:55 ----D---- C:\WINDOWS\Microsoft.NET
2016-04-19 14:20:35 ----D---- C:\AdwCleaner
2016-04-18 18:01:47 ----HD---- C:\ProgramData
2016-04-16 18:33:33 ----D---- C:\WINDOWS\system32\NDF
2016-04-16 18:27:14 ----D---- C:\WINDOWS\system32\WDI
2016-04-16 13:05:20 ----RD---- C:\WINDOWS\assembly
2016-04-16 09:56:12 ----SHD---- C:\WINDOWS\Installer
2016-04-16 09:56:12 ----SHD---- C:\Config.Msi
2016-04-16 09:17:41 ----D---- C:\WINDOWS\system32\Tasks
2016-04-16 09:12:27 ----D---- C:\WINDOWS\WinSxS
2016-04-16 09:12:18 ----D---- C:\ProgramData\AVAST Software
2016-04-16 09:11:58 ----D---- C:\Program Files\AVAST Software
2016-04-16 02:24:40 ----D---- C:\WINDOWS\debug
2016-04-14 20:45:18 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2016-04-14 20:45:17 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2016-04-14 20:45:17 ----D---- C:\WINDOWS\system32\cs-CZ
2016-04-14 20:45:17 ----D---- C:\WINDOWS\system32\Boot
2016-04-14 20:45:17 ----D---- C:\WINDOWS\system32\appraiser
2016-04-14 20:45:16 ----D---- C:\WINDOWS\PolicyDefinitions
2016-04-14 20:45:15 ----D---- C:\WINDOWS\bcastdvr
2016-04-14 20:45:15 ----D---- C:\WINDOWS\AppPatch
2016-04-14 20:45:14 ----D---- C:\WINDOWS\system32\DriverStore
2016-04-14 12:49:21 ----D---- C:\WINDOWS\CbsTemp
2016-04-14 12:46:55 ----D---- C:\ProgramData\Microsoft Help
2016-04-14 12:46:29 ----D---- C:\WINDOWS\system32\MRT
2016-04-14 12:41:14 ----A---- C:\WINDOWS\system32\MRT.exe
2016-04-14 12:37:51 ----SHD---- C:\System Volume Information
2016-04-13 15:17:52 ----D---- C:\WINDOWS\system32\catroot2
2016-04-12 13:28:54 ----AD---- C:\Program Files (x86)\Mozilla Firefox
2016-04-08 00:52:33 ----D---- C:\WINDOWS\system32\CatRoot
2016-04-08 00:51:56 ----AD---- C:\Program Files (x86)\Calibre2
2016-04-07 10:19:02 ----RD---- C:\Program Files (x86)
2016-04-07 10:19:02 ----RD---- C:\Program Files
2016-04-06 20:32:08 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2016-04-04 03:25:50 ----D---- C:\Users\wow\AppData\Roaming\BitTorrent
2016-04-03 14:10:45 ----D---- C:\WINDOWS\rescache
2016-04-03 14:05:38 ----D---- C:\WINDOWS\Logs
2016-03-30 13:00:42 ----D---- C:\Users\wow\AppData\Roaming\Skype
2016-03-30 13:00:05 ----D---- C:\ProgramData\Skype
2016-03-30 12:59:56 ----D---- C:\Program Files (x86)\Common Files
2016-03-21 12:58:06 ----D---- C:\WINDOWS\system32\LogFiles

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2016-04-16 74544]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2016-04-16 287528]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2016-04-16 37144]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2016-04-16 103064]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2016-04-16 1070904]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2016-04-16 465792]
R1 dtsoftbus01;@oem0.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [2014-10-25 283064]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2015-10-30 87040]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-10-30 8192]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2016-04-16 37656]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2016-04-16 107792]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2016-04-16 166432]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2015-10-30 47616]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2015-10-30 78848]
R3 MQAC;@mqutil.dll,-6101; C:\WINDOWS\system32\drivers\mqac.sys [2016-02-22 175616]
R3 NVHDA;@oem11.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2015-11-19 206120]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2015-11-19 12907704]
R3 SNPSTD3;@oem1.inf,%SERVICE_DISPLAY_NAME%;USB PC Camera (SNPSTD3); C:\WINDOWS\system32\DRIVERS\snpstd3.sys [2007-04-03 10535040]
R3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;Ovladač zvuků USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2015-10-30 131584]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-10-30 104800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-10-30 99168]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2015-10-30 58208]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2015-10-30 58720]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2015-10-30 34144]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\WINDOWS\System32\drivers\bcmfn.sys [2015-10-30 9728]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-10-30 37376]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2016-02-22 117248]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-10-30 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-10-30 50016]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2015-10-30 81408]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2015-10-30 165888]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2015-10-30 424800]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\WINDOWS\system32\drivers\ioqos.sys [2015-10-30 26624]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-10-30 705376]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2015-10-30 76128]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2014-09-04 38048]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2015-10-30 930656]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension; C:\WINDOWS\System32\Drivers\UcmCx.sys [2015-10-30 61952]
S3 UcmUcsi;@UcmUcsi.inf,%UcmUcsi.ServiceName%;USB Connector Manager UCSI Client; C:\WINDOWS\System32\drivers\UcmUcsi.sys [2015-10-30 46592]
S3 UdeCx;USB Device Emulation Support Library; C:\WINDOWS\system32\drivers\udecx.sys [2015-10-30 45056]
S3 Ufx01000;USB Function Class Extension; C:\WINDOWS\system32\drivers\ufx01000.sys [2016-03-29 258912]
S3 UfxChipidea;@ufxchipidea.inf,%UfxChipidea.ServiceName%;USB Chipidea Controller; C:\WINDOWS\System32\drivers\UfxChipidea.sys [2015-10-30 94048]
S3 ufxsynopsys;@ufxsynopsys.inf,%ufxsynopsys.ServiceName%;USB Synopsys Controller; C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2015-10-30 131424]
S3 UrsCx01000;USB Role-Switch Support Library; C:\WINDOWS\system32\drivers\urscx01000.sys [2015-10-30 57696]
S3 UrsChipidea;@urschipidea.inf,%UrsChipidea.ServiceName%;Chipidea USB Role-Switch Driver; C:\WINDOWS\System32\drivers\urschipidea.sys [2015-10-30 28512]
S3 UrsSynopsys;@urssynopsys.inf,%UrsSynopsys.ServiceName%;Synopsys USB Role-Switch Driver; C:\WINDOWS\System32\drivers\urssynopsys.sys [2015-10-30 27488]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2015-10-30 46080]
S3 usbser;@usbser.inf,%UsbSerial.DriverDesc%;Microsoft USB Serial Driver; C:\WINDOWS\System32\drivers\usbser.sys [2016-02-22 67072]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-14 82128]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-04-16 243296]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R2 MSMQ;@mqutil.dll,-6102; C:\WINDOWS\system32\mqsvc.exe [2016-02-22 26624]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [2007-09-20 853288]
R2 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8195; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-10-30 135848]
R2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8197; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-10-30 135848]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2015-10-13 933168]
R2 OneSyncSvc_2e22a;Hostitel synchronizace_2e22a; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-07-02 411936]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S2 NetTcpActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8199; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-10-30 135848]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-03-23 327808]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-08 269504]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-10-30 51376]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 31744]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-10-23 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_2e22a;Služba zasílání zpráv_2e22a; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [2007-09-20 382248]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_2e22a;Data kontaktů_2e22a; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2015-10-30 1297408]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 TieringEngineService;@%SystemRoot%\system32\TieringEngineService.exe,-702; C:\WINDOWS\system32\TieringEngineService.exe [2015-10-30 290304]
S3 UnistoreSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 UnistoreSvc_2e22a;Úložiště uživatelských dat_2e22a; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 UserDataSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-14001; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S4 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S4 tzautoupdate;@%SystemRoot%\system32\tzautoupdate.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]

-----------------EOF-----------------

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: Log check

#2 Post by Roli »

Hello,

press the Windows + R keys and, in the Run window, type services.msc >> Enter. Find the service:

Služba Google Update (gupdate)
Služba Google Update (gupdatem)
Nero BackItUp Scheduler 3 - Nero AG
NMIndexingService - Nero AG


Double-clicking opens a dialog where you first stop the service with the Stop button, then under Startup type select Disabled and click OK.

In the Task Scheduler Library, disable Google Update; it will be there more than once.

Otherwise I don't see anything wrong there, so is there some problem with the PC?

| Rsit | Mbam | AVPTool | Cure It |

I rest on weekends :all_coholic:

mlzd

Re: Log check

#3 Post by mlzd »

Thank you! I did exactly as instructed. Yesterday my PC started to stutter a little, loading took longer than usual, and overall I noticed different behaviour. So I'll let you know here on the forum within two days how it looks, and if everything is OK, we could close the topic. Thanks once again! Zdenek.

Roli

Re: Log check

#4 Post by Roli »

mlzd wrote: Thank you! I did exactly as instructed. Yesterday my PC started to stutter a little, loading took longer than usual, and overall I noticed different behaviour. So I'll let you know here on the forum within two days how it looks, and if everything is OK, we could close the topic. Thanks once again! Zdenek.

We've stopped the unnecessary stuff, which will help PC startup; we can still go through it more deeply for nasties.

Download and run AdwCleaner,

close all programs including the browser and launch it with a double-click,

a window appears; click Scan at the top left.

When the scan finishes, click Clean,

the PC will restart, during which the junk gets deleted.

Then copy the Report here for me.

Run the Cure It scanner following THIS guide

after the scan finishes, copy the results here - the end of the log with the summary is enough.

(Warning: it is insanely slow and you need to keep an eye on it; it occasionally asks about something.)

mlzd

Re: Log check

#5 Post by mlzd »

Greetings after a pause. Cleaned with AdwCleaner.
I have downloaded Cure It. Given that it is relatively time-consuming, I'll run it tomorrow and add the result. Thanks!

# AdwCleaner v5.035 - Logfile created 06/03/2016 at 22:04:28
# Updated 18/02/2016 by Xplode
# Database : 2016-03-06.3 [Server]
# Operating system : Windows 10 Home (x64)
# Username : wow - WOW-PC
# Running from : D:\Programy\Safety\adwcleaner_5.035.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****


***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****

[-] [C:\Users\wow\AppData\Roaming\Mozilla\Firefox\Profiles\2o4y19b7.default\prefs.js] [Preference] Deleted : user_pref("browser.search.searchengine.desc", "this is my first firefox searchEngine");
[-] [C:\Users\wow\AppData\Roaming\Mozilla\Firefox\Profiles\2o4y19b7.default\prefs.js] [Preference] Deleted : user_pref("browser.search.searchengine.ptid", "amt");
[-] [C:\Users\wow\AppData\Roaming\Mozilla\Firefox\Profiles\2o4y19b7.default\prefs.js] [Preference] Deleted : user_pref("browser.search.searchengine.uid", "395049983_1052514_92E9B596");

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1199 bytes] ##########

# AdwCleaner v5.113 - Logfile created 27/04/2016 at 20:47:43
# Updated 24/04/2016 by Xplode
# Database : 2016-04-24.3 [Server]
# Operating system : Windows 10 Home (X64)
# Username : wow - WOW-PC
# Running from : D:\Programy\Safety\adwcleaner_5.113.exe
# Option : Clean
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****


***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****


*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [1957 bytes] - [06/03/2016 23:04:28]
C:\AdwCleaner\AdwCleaner[S1].txt - [886 bytes] - [21/03/2016 23:32:44]
C:\AdwCleaner\AdwCleaner[S2].txt - [958 bytes] - [19/04/2016 03:53:18]
C:\AdwCleaner\AdwCleaner[S3].txt - [1030 bytes] - [19/04/2016 14:20:35]
C:\AdwCleaner\AdwCleaner[S4].txt - [1104 bytes] - [27/04/2016 20:37:28]
C:\AdwCleaner\AdwCleaner[S5].txt - [2273 bytes] - [06/03/2016 23:01:05]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [2393 bytes] ##########


CURE IT - start of log:
=============================================================================
Dr.Web Scanner SE for Windows v9.1.3.11270
(c) Doctor Web, Ltd., 1992-2013
Scan session started 2016/04/28 11:00:32
Module location : C:\Users\wow\AppData\Local\Temp\522CFAB9-6A4038EF-AD675D81-CB6C5C19\
=============================================================================

OPTION [Automatic Apply Actions] NO
OPTION [Turn Off Computer After Scan] NO
OPTION [Use Sound Alerts] NO

OPTION [Block Network] NO
OPTION [Protect Process] NO
OPTION [Protect Raw Disk] NO

Time from server is: 2016-04-28 12:00:31
Using language: "English"
Available instances: 6
Instances used: 6
Platform: Windows 10 Starter x64/WOW (Build 10586)
API Version: 2.2
Scanning Engine version: 10.0.10.12141
Virus Finding Engine version: 7.0.18.3140

CURE IT - end of log:
Total 8027765239 bytes in 28610 files scanned (31314 objects)
Total 28565 files (31262 objects) are clean
There are no infected objects detected
Total 52 files are raised error condition
Scan time is 00:18:25.759
--------------------------------------------------------------------------
Note:
After launching, somewhat different windows popped up compared to those in the guide:
okno.JPG

mlzd

Re: Log check

#6 Post by mlzd »

I have added to the previous message.

Roli

Re: Log check

#7 Post by Roli »

mlzd wrote: I have added to the previous message.

Yep, I see it; I'm just not here all day.

The PC is cleaned up; how is it behaving now?

mlzd

Re: Log check

#8 Post by mlzd »

Nothing suspicious found. Everything runs smoothly as it should. Thanks for the advice and help!
Zd.

Roli

Re: Log check

#9 Post by Roli »

You're welcome, and :closed:
