Pomalé PC
Napsal: 14 led 2018 15:26
Dobrý den,
prosím o kontrolu je to kamaráda PC. Děkuji.
Počítač nejprve vyčištěn adwcleaner potom vytvořen log rsit.
Logfile of random's system information tool 1.10 (written by random/random)
Run by Pavel at 2018-01-14 15:27:25
Microsoft Windows 8.1
System drive C: has 269 GB (88%) free of 305 GB
Total RAM: 2047 MB (49% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:27:26, on 14. 1. 2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18817)
Boot mode: Normal
Running processes:
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhostex.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Users\Pavel\AppData\Local\Temp\TeamViewer\TeamViewer.exe
C:\Windows\system32\taskhost.exe
C:\RSIT.exe
C:\Program Files\trend micro\Pavel.exe
C:\Windows\system32\DllHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe" -s
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - (no file)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - (no file)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: TeamViewer 12 (TeamViewer) - TeamViewer GmbH - c:\users\pavel\appdata\local\temp\teamviewer\TeamViewer_Service.exe
--
End of file - 3815 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-02-25 473152]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-25 186944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2000-01-01 12021464]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-11-16 641704]
"AMD AVT"=Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files\AMD AVT\bin\kdbsync.exe aml []
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2018-01-06 246120]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2017-10-06 27832264]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2c.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"vidc.cvid"=iccvid.dll
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2018-01-14 15:24:04 ----D---- C:\rsit
2018-01-14 15:19:34 ----A---- C:\RSIT.exe
2018-01-14 15:12:23 ----D---- C:\ProgramData\SWCUTemp
2018-01-06 09:12:35 ----A---- C:\Windows\system32\drivers\aswHdsKe.sys
2018-01-06 09:12:15 ----A---- C:\Windows\system32\aswBoot.exe
2017-12-16 15:23:01 ----A---- C:\Windows\system32\wuaueng.dll
2017-12-16 15:23:01 ----A---- C:\Windows\system32\wuauclt.exe
2017-12-16 15:23:01 ----A---- C:\Windows\system32\win32k.sys
2017-12-16 15:22:50 ----A---- C:\Windows\system32\uxtheme.dll
2017-12-16 15:22:50 ----A---- C:\Windows\system32\UXInit.dll
2017-12-16 15:22:38 ----A---- C:\Windows\system32\vbscript.dll
2017-12-16 15:22:38 ----A---- C:\Windows\system32\kerberos.dll
2017-12-16 15:22:37 ----A---- C:\Windows\system32\jscript9.dll
2017-12-16 15:22:37 ----A---- C:\Windows\system32\jscript.dll
2017-12-16 15:22:26 ----A---- C:\Windows\system32\iprtrmgr.dll
2017-12-16 15:22:10 ----A---- C:\Windows\system32\nshwfp.dll
2017-12-16 15:22:10 ----A---- C:\Windows\system32\IKEEXT.DLL
2017-12-16 15:22:08 ----A---- C:\Windows\system32\inetcomm.dll
2017-12-16 15:22:02 ----A---- C:\Windows\system32\lsasrv.dll
2017-12-16 15:21:58 ----A---- C:\Windows\system32\ieframe.dll
2017-12-16 15:21:53 ----A---- C:\Windows\system32\mshtml.dll
2017-12-16 15:21:53 ----A---- C:\Windows\system32\msfeeds.dll
2017-12-16 15:21:49 ----A---- C:\Windows\system32\ieapfltr.dll
2017-12-16 15:21:45 ----A---- C:\Windows\system32\wininet.dll
2017-12-16 15:21:26 ----A---- C:\Windows\system32\urlmon.dll
2017-12-16 15:21:26 ----A---- C:\Windows\system32\itss.dll
2017-12-16 15:20:37 ----A---- C:\Windows\system32\drivers\BasicRender.sys
======List of files/folders modified in the last 1 month======
2018-01-14 15:27:26 ----D---- C:\Program Files\trend micro
2018-01-14 15:27:24 ----D---- C:\Windows\Temp
2018-01-14 15:26:42 ----D---- C:\Windows\Prefetch
2018-01-14 15:12:23 ----HD---- C:\ProgramData
2018-01-14 15:11:34 ----D---- C:\Windows
2018-01-14 15:10:21 ----D---- C:\Windows\CbsTemp
2018-01-14 15:09:48 ----D---- C:\Windows\system32\config
2018-01-14 15:06:11 ----D---- C:\AdwCleaner
2018-01-14 15:01:22 ----D---- C:\Windows\SoftwareDistribution
2018-01-14 15:00:53 ----RD---- C:\Program Files
2018-01-14 15:00:01 ----D---- C:\Windows\system32\sru
2018-01-14 14:57:52 ----D---- C:\Windows\inf
2018-01-14 14:57:52 ----D---- C:\Windows\debug
2018-01-14 14:55:35 ----D---- C:\Windows\AppReadiness
2018-01-14 14:55:34 ----HD---- C:\Program Files\WindowsApps
2018-01-14 14:25:09 ----D---- C:\Windows\Microsoft.NET
2018-01-14 14:25:03 ----RD---- C:\Windows\assembly
2018-01-14 14:08:04 ----D---- C:\Windows\system32\MRT
2018-01-14 14:05:27 ----AC---- C:\Windows\system32\MRT-KB890830.exe
2018-01-14 14:05:17 ----AC---- C:\Windows\system32\MRT.exe
2018-01-14 14:05:07 ----D---- C:\Windows\WinSxS
2018-01-14 14:00:57 ----SHD---- C:\System Volume Information
2018-01-13 16:18:53 ----D---- C:\Windows\system32\Drivers
2018-01-13 16:18:41 ----D---- C:\Windows\system32\catroot2
2018-01-06 09:12:40 ----D---- C:\Windows\system32\Tasks
2018-01-06 09:12:15 ----RD---- C:\Windows\System32
2017-12-28 14:14:44 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-12-18 15:39:06 ----SD---- C:\Users\Pavel\AppData\Roaming\Microsoft
2017-12-17 20:16:00 ----D---- C:\Windows\system32\DriverStore
2017-12-16 21:17:43 ----D---- C:\Windows\system32\cs-CZ
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidshx.sys [2018-01-06 157376]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswblogx.sys [2018-01-06 276696]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbunivx.sys [2018-01-06 50344]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2018-01-06 70832]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2018-01-06 294680]
R0 Wof;Windows Overlay File System Filter Driver; C:\Windows\system32\drivers\Wof.sys [2014-03-13 138584]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2018-01-06 158224]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriverx.sys [2018-01-06 255584]
R1 aswHdsKe;aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [2018-01-06 118144]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2017-09-08 39784]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2018-01-06 99528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2018-01-06 783104]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2018-01-13 390256]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2018-01-13 123880]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2018-01-06 151328]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-11-16 10070016]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-11-16 290304]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2000-01-01 3125592]
R3 RTL8168;@oem4.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x86.sys [2000-01-01 732888]
S1 MpKsl2154706d;MpKsl2154706d; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Default\MpKsl2154706d.sys [2015-01-28 29904]
S1 MpKsl253ff5c3;MpKsl253ff5c3; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Default\MpKsl253ff5c3.sys [2015-01-28 29904]
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys [2018-01-06 42824]
S3 GPIO;@iaiogpio.inf,%GPIO.SVCDESC%;Intel SoC GPIO Controller Driver; C:\Windows\System32\drivers\iaiogpio.sys [2013-07-23 22016]
S3 iaioi2c;@iaioi2c.inf,%Driver_Service.Desc%;Intel(R) Atom(TM) Processor I2C Controller Service; C:\Windows\System32\drivers\iaioi2c.sys [2013-07-23 61936]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2014-10-29 37888]
S3 WDC_SAM;@oem7.inf,%WDC_SAM_ServiceName%;WD SCSI Pass Thru driver; C:\Windows\System32\drivers\wdcsam.sys [2015-11-12 22216]
S3 wdm_usb;wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [2016-08-16 128704]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-09-27 83984]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-11-16 217088]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2018-01-06 301168]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2014-10-29 33088]
R2 TeamViewer;TeamViewer 12; c:\users\pavel\appdata\local\temp\teamviewer\TeamViewer_Service.exe [2016-12-15 8193264]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2018-01-06 5906816]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2016-04-16 154440]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2017-07-18 317408]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-10-29 33088]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2016-04-16 154440]
-----------------EOF-----------------
prosím o kontrolu je to kamaráda PC. Děkuji.
Počítač nejprve vyčištěn adwcleaner potom vytvořen log rsit.
Logfile of random's system information tool 1.10 (written by random/random)
Run by Pavel at 2018-01-14 15:27:25
Microsoft Windows 8.1
System drive C: has 269 GB (88%) free of 305 GB
Total RAM: 2047 MB (49% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:27:26, on 14. 1. 2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18817)
Boot mode: Normal
Running processes:
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhostex.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Users\Pavel\AppData\Local\Temp\TeamViewer\TeamViewer.exe
C:\Windows\system32\taskhost.exe
C:\RSIT.exe
C:\Program Files\trend micro\Pavel.exe
C:\Windows\system32\DllHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe" -s
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - (no file)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - (no file)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: TeamViewer 12 (TeamViewer) - TeamViewer GmbH - c:\users\pavel\appdata\local\temp\teamviewer\TeamViewer_Service.exe
--
End of file - 3815 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-02-25 473152]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-25 186944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2000-01-01 12021464]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-11-16 641704]
"AMD AVT"=Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files\AMD AVT\bin\kdbsync.exe aml []
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2018-01-06 246120]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2017-10-06 27832264]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2c.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"vidc.cvid"=iccvid.dll
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2018-01-14 15:24:04 ----D---- C:\rsit
2018-01-14 15:19:34 ----A---- C:\RSIT.exe
2018-01-14 15:12:23 ----D---- C:\ProgramData\SWCUTemp
2018-01-06 09:12:35 ----A---- C:\Windows\system32\drivers\aswHdsKe.sys
2018-01-06 09:12:15 ----A---- C:\Windows\system32\aswBoot.exe
2017-12-16 15:23:01 ----A---- C:\Windows\system32\wuaueng.dll
2017-12-16 15:23:01 ----A---- C:\Windows\system32\wuauclt.exe
2017-12-16 15:23:01 ----A---- C:\Windows\system32\win32k.sys
2017-12-16 15:22:50 ----A---- C:\Windows\system32\uxtheme.dll
2017-12-16 15:22:50 ----A---- C:\Windows\system32\UXInit.dll
2017-12-16 15:22:38 ----A---- C:\Windows\system32\vbscript.dll
2017-12-16 15:22:38 ----A---- C:\Windows\system32\kerberos.dll
2017-12-16 15:22:37 ----A---- C:\Windows\system32\jscript9.dll
2017-12-16 15:22:37 ----A---- C:\Windows\system32\jscript.dll
2017-12-16 15:22:26 ----A---- C:\Windows\system32\iprtrmgr.dll
2017-12-16 15:22:10 ----A---- C:\Windows\system32\nshwfp.dll
2017-12-16 15:22:10 ----A---- C:\Windows\system32\IKEEXT.DLL
2017-12-16 15:22:08 ----A---- C:\Windows\system32\inetcomm.dll
2017-12-16 15:22:02 ----A---- C:\Windows\system32\lsasrv.dll
2017-12-16 15:21:58 ----A---- C:\Windows\system32\ieframe.dll
2017-12-16 15:21:53 ----A---- C:\Windows\system32\mshtml.dll
2017-12-16 15:21:53 ----A---- C:\Windows\system32\msfeeds.dll
2017-12-16 15:21:49 ----A---- C:\Windows\system32\ieapfltr.dll
2017-12-16 15:21:45 ----A---- C:\Windows\system32\wininet.dll
2017-12-16 15:21:26 ----A---- C:\Windows\system32\urlmon.dll
2017-12-16 15:21:26 ----A---- C:\Windows\system32\itss.dll
2017-12-16 15:20:37 ----A---- C:\Windows\system32\drivers\BasicRender.sys
======List of files/folders modified in the last 1 month======
2018-01-14 15:27:26 ----D---- C:\Program Files\trend micro
2018-01-14 15:27:24 ----D---- C:\Windows\Temp
2018-01-14 15:26:42 ----D---- C:\Windows\Prefetch
2018-01-14 15:12:23 ----HD---- C:\ProgramData
2018-01-14 15:11:34 ----D---- C:\Windows
2018-01-14 15:10:21 ----D---- C:\Windows\CbsTemp
2018-01-14 15:09:48 ----D---- C:\Windows\system32\config
2018-01-14 15:06:11 ----D---- C:\AdwCleaner
2018-01-14 15:01:22 ----D---- C:\Windows\SoftwareDistribution
2018-01-14 15:00:53 ----RD---- C:\Program Files
2018-01-14 15:00:01 ----D---- C:\Windows\system32\sru
2018-01-14 14:57:52 ----D---- C:\Windows\inf
2018-01-14 14:57:52 ----D---- C:\Windows\debug
2018-01-14 14:55:35 ----D---- C:\Windows\AppReadiness
2018-01-14 14:55:34 ----HD---- C:\Program Files\WindowsApps
2018-01-14 14:25:09 ----D---- C:\Windows\Microsoft.NET
2018-01-14 14:25:03 ----RD---- C:\Windows\assembly
2018-01-14 14:08:04 ----D---- C:\Windows\system32\MRT
2018-01-14 14:05:27 ----AC---- C:\Windows\system32\MRT-KB890830.exe
2018-01-14 14:05:17 ----AC---- C:\Windows\system32\MRT.exe
2018-01-14 14:05:07 ----D---- C:\Windows\WinSxS
2018-01-14 14:00:57 ----SHD---- C:\System Volume Information
2018-01-13 16:18:53 ----D---- C:\Windows\system32\Drivers
2018-01-13 16:18:41 ----D---- C:\Windows\system32\catroot2
2018-01-06 09:12:40 ----D---- C:\Windows\system32\Tasks
2018-01-06 09:12:15 ----RD---- C:\Windows\System32
2017-12-28 14:14:44 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-12-18 15:39:06 ----SD---- C:\Users\Pavel\AppData\Roaming\Microsoft
2017-12-17 20:16:00 ----D---- C:\Windows\system32\DriverStore
2017-12-16 21:17:43 ----D---- C:\Windows\system32\cs-CZ
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidshx.sys [2018-01-06 157376]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswblogx.sys [2018-01-06 276696]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbunivx.sys [2018-01-06 50344]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2018-01-06 70832]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2018-01-06 294680]
R0 Wof;Windows Overlay File System Filter Driver; C:\Windows\system32\drivers\Wof.sys [2014-03-13 138584]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2018-01-06 158224]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriverx.sys [2018-01-06 255584]
R1 aswHdsKe;aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [2018-01-06 118144]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2017-09-08 39784]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2018-01-06 99528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2018-01-06 783104]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2018-01-13 390256]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2018-01-13 123880]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2018-01-06 151328]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-11-16 10070016]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-11-16 290304]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2000-01-01 3125592]
R3 RTL8168;@oem4.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x86.sys [2000-01-01 732888]
S1 MpKsl2154706d;MpKsl2154706d; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Default\MpKsl2154706d.sys [2015-01-28 29904]
S1 MpKsl253ff5c3;MpKsl253ff5c3; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Default\MpKsl253ff5c3.sys [2015-01-28 29904]
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys [2018-01-06 42824]
S3 GPIO;@iaiogpio.inf,%GPIO.SVCDESC%;Intel SoC GPIO Controller Driver; C:\Windows\System32\drivers\iaiogpio.sys [2013-07-23 22016]
S3 iaioi2c;@iaioi2c.inf,%Driver_Service.Desc%;Intel(R) Atom(TM) Processor I2C Controller Service; C:\Windows\System32\drivers\iaioi2c.sys [2013-07-23 61936]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2014-10-29 37888]
S3 WDC_SAM;@oem7.inf,%WDC_SAM_ServiceName%;WD SCSI Pass Thru driver; C:\Windows\System32\drivers\wdcsam.sys [2015-11-12 22216]
S3 wdm_usb;wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [2016-08-16 128704]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-09-27 83984]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-11-16 217088]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2018-01-06 301168]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2014-10-29 33088]
R2 TeamViewer;TeamViewer 12; c:\users\pavel\appdata\local\temp\teamviewer\TeamViewer_Service.exe [2016-12-15 8193264]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2018-01-06 5906816]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2016-04-16 154440]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2017-07-18 317408]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-10-29 33088]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2016-04-16 154440]
-----------------EOF-----------------
