VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

čístka, zrychlení, preventivka

https://forum.viry.cz:443/viewtopic.php?t=154466

Stránka 1 z 1

čístka, zrychlení, preventivka

Napsal: 30 čer 2018 12:29
od afro-0
Dobrý den, mohu Vás poprosit o čístku havěti a čístku ?!.
Moc děkuji.

Zde log z RSIT :

Logfile of random's system information tool 1.10 (written by random/random)
Run by doma at 2018-06-30 13:09:32
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 22 GB (22%) free of 100 GB
Total RAM: 4095 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:09:34, on 30.6.2018
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19036)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\trend micro\doma.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://search.yahoo.com/yhs/web?hspart ... 0519__yaie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (file missing)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_172\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_172\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Web Companion] C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
O4 - HKCU\..\Run: [AvastBrowserAutoLaunch_75FB0DFF46A3918D104EF3B6503EF98A] "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" --check-run=src=logon --onboarding-at-startup
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - Startup: KooBits 4.lnk = C:\Program Files (x86)\KooBits 4.0\KooBits 4.0.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.webcompanion.com
O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/4.2 ... rol_32.CAB
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Služba %1!s! Update (avast) (avast) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba %1!s! Update (avastm) (avastm) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WC Assistant (WCAssistantService) - Unknown owner - C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8560 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
winlogon.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe"
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe"
"C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-b27f6db3-4785-4b47-96ec-be866c0cd6b6 -SystemEventPortName:HostProcess-d9879e26-f36c-479b-aab3-8cfcfade3bc5 -IoCancelEventPortName:HostProcess-af191003-a89c-4b9e-b344-8a412a4213bc -NonStateChangingEventPortName:HostProcess-c7aecba3-33c3-4377-97cb-9023887ecc93 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:4b9d8509-96a4-4ab8-9f4e-d10b0b4edd3e -DeviceGroupId:WpdFsGroup
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.141.333\AvastBrowserCrashHandler.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.141.333\AvastBrowserCrashHandler64.exe"
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"taskhost.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-11215071991887675371-1088941968-379400618-6281456771226238204-1916508334-14858934
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe" --minimize
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1"
AvastUI.exe /nogui
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\System32\svchost.exe -k swprv
taskeng.exe {5C4ED0A5-0770-46D9-882E-28134D270FBD}
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe6_ Global\UsGthrCtrlFltPipeMssGthrPipe6 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 528 532 540 65536 536
"C:\Users\doma\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2018-06-30 938712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_172\bin\ssv.dll [2018-06-30 480200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-06-30 812248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_172\bin\jp2ssv.dll [2018-06-30 194504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-12-11 13776088]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2016-10-18 2397120]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2016-10-18 1767712]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2018-06-30 242904]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
"Web Companion"=C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [2018-05-19 7722600]
"AvastBrowserAutoLaunch_75FB0DFF46A3918D104EF3B6503EF98A"=C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2018-06-12 1808264]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Users\doma\AppData\Roaming\uTorrent\uTorrent.exe [2018-06-30 1984184]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2018-03-28 588704]

C:\Users\doma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
KooBits 4.lnk - C:\Program Files (x86)\KooBits 4.0\KooBits 4.0.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2018-06-30 13:09:32 ----D---- C:\rsit
2018-06-30 13:00:07 ----D---- C:\Program Files\CCleaner
2018-06-30 11:30:11 ----SHD---- C:\Config.Msi
2018-06-30 11:28:24 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2018-06-30 11:28:24 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2018-06-30 11:28:24 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2018-06-30 11:28:24 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2018-06-30 11:28:24 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2018-06-30 11:28:24 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2018-06-30 11:28:23 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2018-06-30 11:28:23 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2018-06-30 11:28:23 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2018-06-30 11:28:23 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2018-06-30 11:28:23 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2018-06-30 11:28:23 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2018-06-30 11:28:23 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2018-06-30 11:28:23 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2018-06-30 11:28:23 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2018-06-30 11:28:23 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2018-06-30 11:28:23 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2018-06-30 11:28:23 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2018-06-30 11:28:23 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2018-06-30 11:28:23 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2018-06-30 11:28:23 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2018-06-30 11:28:23 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2018-06-30 11:28:23 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2018-06-30 11:28:23 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2018-06-30 11:28:23 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2018-06-30 11:28:23 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2018-06-30 11:28:23 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2018-06-30 11:28:23 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2018-06-30 11:28:23 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2018-06-30 11:28:23 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2018-06-30 11:28:23 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2018-06-30 11:28:23 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2018-06-30 11:28:23 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2018-06-30 11:28:23 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2018-06-30 11:28:23 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2018-06-30 11:28:23 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2018-06-30 11:28:23 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2018-06-30 11:28:23 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2018-06-30 11:28:21 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2018-06-30 11:28:21 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2018-06-30 11:28:21 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2018-06-30 11:28:21 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2018-06-30 11:28:17 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2018-06-30 11:28:17 ----A---- C:\Windows\system32\drivers\usbd.sys
2018-06-30 11:28:17 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2018-06-30 11:28:12 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2018-06-30 11:28:12 ----A---- C:\Windows\system32\wkssvc.dll
2018-06-30 11:28:12 ----A---- C:\Windows\system32\drivers\usbport.sys
2018-06-30 11:28:12 ----A---- C:\Windows\system32\drivers\usbohci.sys
2018-06-30 11:28:12 ----A---- C:\Windows\system32\drivers\usbhub.sys
2018-06-30 11:28:12 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2018-06-30 11:28:07 ----A---- C:\Windows\system32\ucrtbase.dll
2018-06-30 11:28:07 ----A---- C:\Windows\system32\drivers\dfsc.sys
2018-06-30 11:28:05 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2018-06-30 11:28:05 ----A---- C:\Windows\system32\drivers\usbehci.sys
2018-06-30 11:27:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-06-30 11:27:02 ----A---- C:\Windows\SYSWOW64\user.exe
2018-06-30 11:27:02 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2018-06-30 11:27:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2018-06-30 11:27:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-06-30 11:27:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-06-30 11:27:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-06-30 11:27:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-06-30 11:27:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-06-30 11:27:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-06-30 11:27:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2018-06-30 11:27:01 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-06-30 11:27:01 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-06-30 11:27:01 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-06-30 11:27:01 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-06-30 11:27:01 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-06-30 11:27:01 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-06-30 11:27:01 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-06-30 11:27:01 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-06-30 11:27:01 ----A---- C:\Windows\SYSWOW64\WcnEapPeerProxy.dll
2018-06-30 11:27:01 ----A---- C:\Windows\SYSWOW64\tquery.dll
2018-06-30 11:27:01 ----A---- C:\Windows\SYSWOW64\sscore.dll
2018-06-30 11:27:01 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2018-06-30 11:27:01 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2018-06-30 11:27:01 ----A---- C:\Windows\SYSWOW64\rasser.dll
2018-06-30 11:27:01 ----A---- C:\Windows\SYSWOW64\Query.dll
2018-06-30 11:27:01 ----A---- C:\Windows\SYSWOW64\P2P.dll
2018-06-30 11:27:01 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2018-06-30 11:27:01 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2018-06-30 11:27:01 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2018-06-30 11:27:01 ----A---- C:\Windows\SYSWOW64\mssph.dll
2018-06-30 11:27:01 ----A---- C:\Windows\SYSWOW64\mssitlb.dll
2018-06-30 11:27:01 ----A---- C:\Windows\SYSWOW64\msshooks.dll
2018-06-30 11:27:01 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2018-06-30 11:27:01 ----A---- C:\Windows\SYSWOW64\mprdim.dll
2018-06-30 11:27:01 ----A---- C:\Windows\SYSWOW64\instnm.exe
2018-06-30 11:27:01 ----A---- C:\Windows\SYSWOW64\inseng.dll
2018-06-30 11:27:01 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2018-06-30 11:27:01 ----A---- C:\Windows\SYSWOW64\fdWCN.dll
2018-06-30 11:27:01 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2018-06-30 11:27:01 ----A---- C:\Windows\SYSWOW64\comcat.dll
2018-06-30 11:27:01 ----A---- C:\Windows\SYSWOW64\certcli.dll
2018-06-30 11:27:01 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2018-06-30 11:27:01 ----A---- C:\Windows\system32\wshnetbs.dll
2018-06-30 11:27:01 ----A---- C:\Windows\system32\WcnEapPeerProxy.dll
2018-06-30 11:27:01 ----A---- C:\Windows\system32\spwmp.dll
2018-06-30 11:27:01 ----A---- C:\Windows\system32\SearchFilterHost.exe
2018-06-30 11:27:01 ----A---- C:\Windows\system32\Query.dll
2018-06-30 11:27:01 ----A---- C:\Windows\system32\mssphtb.dll
2018-06-30 11:27:01 ----A---- C:\Windows\system32\msshooks.dll
2018-06-30 11:27:01 ----A---- C:\Windows\system32\msscntrs.dll
2018-06-30 11:27:01 ----A---- C:\Windows\system32\msimsg.dll
2018-06-30 11:27:01 ----A---- C:\Windows\system32\KernelBase.dll
2018-06-30 11:27:01 ----A---- C:\Windows\system32\itircl.dll
2018-06-30 11:27:01 ----A---- C:\Windows\system32\iprtprio.dll
2018-06-30 11:27:01 ----A---- C:\Windows\system32\iernonce.dll
2018-06-30 11:27:01 ----A---- C:\Windows\system32\hhsetup.dll
2018-06-30 11:27:01 ----A---- C:\Windows\system32\dxmasf.dll
2018-06-30 11:27:01 ----A---- C:\Windows\system32\drivers\swenum.sys
2018-06-30 11:27:01 ----A---- C:\Windows\system32\drivers\mssmbios.sys
2018-06-30 11:27:01 ----A---- C:\Windows\system32\comcat.dll
2018-06-30 11:27:01 ----A---- C:\Windows\system32\cdosys.dll
2018-06-30 11:27:01 ----A---- C:\Windows\hh.exe
2018-06-30 11:27:00 ----A---- C:\Windows\SYSWOW64\setup16.exe
2018-06-30 11:27:00 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2018-06-30 11:27:00 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2018-06-30 11:27:00 ----A---- C:\Windows\SYSWOW64\MSVidCtl.dll
2018-06-30 11:27:00 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2018-06-30 11:27:00 ----A---- C:\Windows\SYSWOW64\itss.dll
2018-06-30 11:27:00 ----A---- C:\Windows\SYSWOW64\hhsetup.dll
2018-06-30 11:27:00 ----A---- C:\Windows\SYSWOW64\hh.exe
2018-06-30 11:27:00 ----A---- C:\Windows\SYSWOW64\cdosys.dll
2018-06-30 11:27:00 ----A---- C:\Windows\system32\winsrv.dll
2018-06-30 11:27:00 ----A---- C:\Windows\system32\wdigest.dll
2018-06-30 11:27:00 ----A---- C:\Windows\system32\tquery.dll
2018-06-30 11:27:00 ----A---- C:\Windows\system32\taskcomp.dll
2018-06-30 11:27:00 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2018-06-30 11:27:00 ----A---- C:\Windows\system32\SearchIndexer.exe
2018-06-30 11:27:00 ----A---- C:\Windows\system32\mssph.dll
2018-06-30 11:27:00 ----A---- C:\Windows\system32\mssitlb.dll
2018-06-30 11:27:00 ----A---- C:\Windows\system32\certcli.dll
2018-06-30 11:26:59 ----A---- C:\Windows\SYSWOW64\wow32.dll
2018-06-30 11:26:59 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2018-06-30 11:26:59 ----A---- C:\Windows\SYSWOW64\WcnEapAuthProxy.dll
2018-06-30 11:26:59 ----A---- C:\Windows\SYSWOW64\WcnApi.dll
2018-06-30 11:26:59 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2018-06-30 11:26:59 ----A---- C:\Windows\SYSWOW64\rasmxs.dll
2018-06-30 11:26:59 ----A---- C:\Windows\SYSWOW64\racpldlg.dll
2018-06-30 11:26:59 ----A---- C:\Windows\SYSWOW64\mssprxy.dll
2018-06-30 11:26:59 ----A---- C:\Windows\SYSWOW64\msimsg.dll
2018-06-30 11:26:59 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2018-06-30 11:26:59 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2018-06-30 11:26:59 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2018-06-30 11:26:59 ----A---- C:\Windows\SYSWOW64\itircl.dll
2018-06-30 11:26:59 ----A---- C:\Windows\SYSWOW64\credssp.dll
2018-06-30 11:26:59 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2018-06-30 11:26:59 ----A---- C:\Windows\system32\wshqos.dll
2018-06-30 11:26:59 ----A---- C:\Windows\system32\WcnEapAuthProxy.dll
2018-06-30 11:26:59 ----A---- C:\Windows\system32\rtm.dll
2018-06-30 11:26:59 ----A---- C:\Windows\system32\P2P.dll
2018-06-30 11:26:59 ----A---- C:\Windows\system32\msxml6r.dll
2018-06-30 11:26:59 ----A---- C:\Windows\system32\mprdim.dll
2018-06-30 11:26:59 ----A---- C:\Windows\system32\kernel32.dll
2018-06-30 11:26:59 ----A---- C:\Windows\system32\ieetwproxystub.dll
2018-06-30 11:26:59 ----A---- C:\Windows\system32\ieetwcollector.exe
2018-06-30 11:26:59 ----A---- C:\Windows\system32\fdWCN.dll
2018-06-30 11:26:59 ----A---- C:\Windows\system32\drivers\AGP440.sys
2018-06-30 11:26:59 ----A---- C:\Windows\system32\credssp.dll
2018-06-30 11:26:59 ----A---- C:\Windows\system32\auditpol.exe
2018-06-30 11:26:59 ----A---- C:\Windows\system32\atmlib.dll
2018-06-30 11:26:59 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2018-06-30 11:26:58 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2018-06-30 11:26:58 ----A---- C:\Windows\SYSWOW64\wmp.dll
2018-06-30 11:26:58 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2018-06-30 11:26:58 ----A---- C:\Windows\SYSWOW64\INETRES.dll
2018-06-30 11:26:58 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2018-06-30 11:26:58 ----A---- C:\Windows\system32\srclient.dll
2018-06-30 11:26:58 ----A---- C:\Windows\system32\setbcdlocale.dll
2018-06-30 11:26:58 ----A---- C:\Windows\system32\mssvp.dll
2018-06-30 11:26:58 ----A---- C:\Windows\system32\mssrch.dll
2018-06-30 11:26:58 ----A---- C:\Windows\system32\inseng.dll
2018-06-30 11:26:58 ----A---- C:\Windows\system32\ie4uinit.exe
2018-06-30 11:26:57 ----A---- C:\Windows\system32\spoolsv.exe
2018-06-30 11:26:57 ----A---- C:\Windows\system32\schedsvc.dll
2018-06-30 11:26:57 ----A---- C:\Windows\system32\msxml6.dll
2018-06-30 11:26:56 ----A---- C:\Windows\system32\wisptis.exe
2018-06-30 11:26:56 ----A---- C:\Windows\system32\WinSCard.dll
2018-06-30 11:26:56 ----A---- C:\Windows\system32\schannel.dll
2018-06-30 11:26:56 ----A---- C:\Windows\system32\MSVidCtl.dll
2018-06-30 11:26:56 ----A---- C:\Windows\system32\hlink.dll
2018-06-30 11:26:56 ----A---- C:\Windows\system32\conhost.exe
2018-06-30 11:26:55 ----A---- C:\Windows\SYSWOW64\wshqos.dll
2018-06-30 11:26:55 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2018-06-30 11:26:55 ----A---- C:\Windows\SYSWOW64\taskcomp.dll
2018-06-30 11:26:55 ----A---- C:\Windows\SYSWOW64\schannel.dll
2018-06-30 11:26:55 ----A---- C:\Windows\SYSWOW64\secur32.dll
2018-06-30 11:26:55 ----A---- C:\Windows\SYSWOW64\rtm.dll
2018-06-30 11:26:55 ----A---- C:\Windows\SYSWOW64\occache.dll
2018-06-30 11:26:55 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2018-06-30 11:26:55 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2018-06-30 11:26:55 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2018-06-30 11:26:55 ----A---- C:\Windows\SYSWOW64\iprtprio.dll
2018-06-30 11:26:55 ----A---- C:\Windows\SYSWOW64\gpedit.dll
2018-06-30 11:26:55 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2018-06-30 11:26:55 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2018-06-30 11:26:55 ----A---- C:\Windows\SYSWOW64\authui.dll
2018-06-30 11:26:55 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2018-06-30 11:26:55 ----A---- C:\Windows\SYSWOW64\actxprxy.dll
2018-06-30 11:26:55 ----A---- C:\Windows\system32\tzres.dll
2018-06-30 11:26:55 ----A---- C:\Windows\system32\streamci.dll
2018-06-30 11:26:55 ----A---- C:\Windows\system32\racpldlg.dll
2018-06-30 11:26:55 ----A---- C:\Windows\system32\p2psvc.dll
2018-06-30 11:26:55 ----A---- C:\Windows\system32\ntvdm64.dll
2018-06-30 11:26:55 ----A---- C:\Windows\system32\mssprxy.dll
2018-06-30 11:26:55 ----A---- C:\Windows\system32\msihnd.dll
2018-06-30 11:26:55 ----A---- C:\Windows\system32\drivers\ULIAGPKX.SYS
2018-06-30 11:26:55 ----A---- C:\Windows\system32\drivers\srvnet.sys
2018-06-30 11:26:55 ----A---- C:\Windows\system32\drivers\ndistapi.sys
2018-06-30 11:26:55 ----A---- C:\Windows\system32\drivers\isapnp.sys
2018-06-30 11:26:54 ----A---- C:\Windows\SYSWOW64\xpsrchvw.exe
2018-06-30 11:26:54 ----A---- C:\Windows\SYSWOW64\wcncsvc.dll
2018-06-30 11:26:54 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2018-06-30 11:26:54 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2018-06-30 11:26:54 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2018-06-30 11:26:54 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2018-06-30 11:26:54 ----A---- C:\Windows\system32\WcnApi.dll
2018-06-30 11:26:54 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-06-30 11:26:54 ----A---- C:\Windows\system32\drivers\appid.sys
2018-06-30 11:26:54 ----A---- C:\Windows\system32\appidsvc.dll
2018-06-30 11:26:54 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2018-06-30 11:26:53 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2018-06-30 11:26:53 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2018-06-30 11:26:53 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2018-06-30 11:26:53 ----A---- C:\Windows\system32\wmploc.DLL
2018-06-30 11:26:53 ----A---- C:\Windows\system32\urlmon.dll
2018-06-30 11:26:53 ----A---- C:\Windows\system32\srcore.dll
2018-06-30 11:26:53 ----A---- C:\Windows\system32\INETRES.dll
2018-06-30 11:26:53 ----A---- C:\Windows\system32\iedkcs32.dll
2018-06-30 11:26:52 ----A---- C:\Windows\system32\wmp.dll
2018-06-30 11:26:52 ----A---- C:\Windows\system32\occache.dll
2018-06-30 11:26:51 ----A---- C:\Windows\SYSWOW64\shell32.dll
2018-06-30 11:26:51 ----A---- C:\Windows\system32\sysmain.dll
2018-06-30 11:26:51 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2018-06-30 11:26:51 ----A---- C:\Windows\system32\gpedit.dll
2018-06-30 11:26:51 ----A---- C:\Windows\system32\ExplorerFrame.dll
2018-06-30 11:26:51 ----A---- C:\Windows\system32\consent.exe
2018-06-30 11:26:51 ----A---- C:\Windows\system32\authui.dll
2018-06-30 11:26:51 ----A---- C:\Windows\system32\actxprxy.dll
2018-06-30 11:26:50 ----A---- C:\Windows\SYSWOW64\wfapigp.dll
2018-06-30 11:26:50 ----A---- C:\Windows\SYSWOW64\nshwfp.dll
2018-06-30 11:26:50 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2018-06-30 11:26:50 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2018-06-30 11:26:50 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2018-06-30 11:26:50 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2018-06-30 11:26:50 ----A---- C:\Windows\SYSWOW64\jscript.dll
2018-06-30 11:26:50 ----A---- C:\Windows\SYSWOW64\iprtrmgr.dll
2018-06-30 11:26:50 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2018-06-30 11:26:50 ----A---- C:\Windows\SYSWOW64\icm32.dll
2018-06-30 11:26:50 ----A---- C:\Windows\SYSWOW64\FWPUCLNT.DLL
2018-06-30 11:26:50 ----A---- C:\Windows\SYSWOW64\catsrvut.dll
2018-06-30 11:26:50 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2018-06-30 11:26:50 ----A---- C:\Windows\system32\fontsub.dll
2018-06-30 11:26:50 ----A---- C:\Windows\system32\drivers\srv2.sys
2018-06-30 11:26:50 ----A---- C:\Windows\system32\drivers\NV_AGP.SYS
2018-06-30 11:26:50 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2018-06-30 11:26:50 ----A---- C:\Windows\system32\drivers\errdev.sys
2018-06-30 11:26:50 ----A---- C:\Windows\system32\dciman32.dll
2018-06-30 11:26:49 ----A---- C:\Windows\SYSWOW64\wsnmp32.dll
2018-06-30 11:26:49 ----A---- C:\Windows\SYSWOW64\WinSCard.dll
2018-06-30 11:26:49 ----A---- C:\Windows\SYSWOW64\tzres.dll
2018-06-30 11:26:49 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2018-06-30 11:26:49 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2018-06-30 11:26:49 ----A---- C:\Windows\SYSWOW64\scesrv.dll
2018-06-30 11:26:49 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2018-06-30 11:26:49 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2018-06-30 11:26:49 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2018-06-30 11:26:49 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2018-06-30 11:26:49 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2018-06-30 11:26:49 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2018-06-30 11:26:49 ----A---- C:\Windows\SYSWOW64\lpk.dll
2018-06-30 11:26:49 ----A---- C:\Windows\SYSWOW64\hlink.dll
2018-06-30 11:26:49 ----A---- C:\Windows\system32\wow64cpu.dll
2018-06-30 11:26:49 ----A---- C:\Windows\system32\sspisrv.dll
2018-06-30 11:26:49 ----A---- C:\Windows\system32\sscore.dll
2018-06-30 11:26:49 ----A---- C:\Windows\system32\secur32.dll
2018-06-30 11:26:49 ----A---- C:\Windows\system32\lsass.exe
2018-06-30 11:26:49 ----A---- C:\Windows\system32\drivers\wmiacpi.sys
2018-06-30 11:26:49 ----A---- C:\Windows\system32\drivers\volmgr.sys
2018-06-30 11:26:49 ----A---- C:\Windows\system32\drivers\pci.sys
2018-06-30 11:26:49 ----A---- C:\Windows\system32\drivers\ndproxy.sys
2018-06-30 11:26:49 ----A---- C:\Windows\system32\drivers\msisadrv.sys
2018-06-30 11:26:49 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2018-06-30 11:26:49 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2018-06-30 11:26:49 ----A---- C:\Windows\system32\drivers\hidusb.sys
2018-06-30 11:26:49 ----A---- C:\Windows\system32\csrsrv.dll
2018-06-30 11:26:49 ----A---- C:\Windows\system32\appinfo.dll
2018-06-30 11:26:49 ----A---- C:\Windows\system32\apisetschema.dll
2018-06-30 11:26:48 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2018-06-30 11:26:48 ----A---- C:\Windows\SYSWOW64\ieui.dll
2018-06-30 11:26:48 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2018-06-30 11:26:48 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2018-06-30 11:26:48 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2018-06-30 11:26:48 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2018-06-30 11:26:48 ----A---- C:\Windows\system32\xpsrchvw.exe
2018-06-30 11:26:48 ----A---- C:\Windows\system32\wcncsvc.dll
2018-06-30 11:26:48 ----A---- C:\Windows\system32\TabSvc.dll
2018-06-30 11:26:48 ----A---- C:\Windows\system32\rascfg.dll
2018-06-30 11:26:48 ----A---- C:\Windows\system32\pnrpsvc.dll
2018-06-30 11:26:48 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2018-06-30 11:26:48 ----A---- C:\Windows\system32\msfeeds.dll
2018-06-30 11:26:48 ----A---- C:\Windows\system32\dxtrans.dll
2018-06-30 11:26:48 ----A---- C:\Windows\system32\appidapi.dll
2018-06-30 11:26:47 ----A---- C:\Windows\system32\iesetup.dll
2018-06-30 11:26:47 ----A---- C:\Windows\system32\iertutil.dll
2018-06-30 11:26:47 ----A---- C:\Windows\system32\ieapfltr.dll
2018-06-30 11:26:46 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2018-06-30 11:26:46 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2018-06-30 11:26:46 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2018-06-30 11:26:46 ----A---- C:\Windows\system32\wow64win.dll
2018-06-30 11:26:46 ----A---- C:\Windows\system32\vbscript.dll
2018-06-30 11:26:46 ----A---- C:\Windows\system32\shell32.dll
2018-06-30 11:26:45 ----A---- C:\Windows\SYSWOW64\wininet.dll
2018-06-30 11:26:45 ----A---- C:\Windows\SYSWOW64\winhttp.dll
2018-06-30 11:26:45 ----A---- C:\Windows\SYSWOW64\msrating.dll
2018-06-30 11:26:45 ----A---- C:\Windows\SYSWOW64\mscms.dll
2018-06-30 11:26:45 ----A---- C:\Windows\system32\ieUnatt.exe
2018-06-30 11:26:45 ----A---- C:\Windows\system32\drivers\wanarp.sys
2018-06-30 11:26:45 ----A---- C:\Windows\system32\drivers\pacer.sys
2018-06-30 11:26:45 ----A---- C:\Windows\system32\drivers\netio.sys
2018-06-30 11:26:45 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2018-06-30 11:26:45 ----A---- C:\Windows\system32\drivers\fltMgr.sys
2018-06-30 11:26:44 ----A---- C:\Windows\SYSWOW64\msi.dll
2018-06-30 11:26:44 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2018-06-30 11:26:44 ----A---- C:\Windows\SYSWOW64\FirewallAPI.dll
2018-06-30 11:26:44 ----A---- C:\Windows\SYSWOW64\comsvcs.dll
2018-06-30 11:26:44 ----A---- C:\Windows\system32\nshwfp.dll
2018-06-30 11:26:44 ----A---- C:\Windows\system32\nlaapi.dll
2018-06-30 11:26:44 ----A---- C:\Windows\system32\msiexec.exe
2018-06-30 11:26:44 ----A---- C:\Windows\system32\icm32.dll
2018-06-30 11:26:44 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2018-06-30 11:26:44 ----A---- C:\Windows\system32\drivers\vdrvroot.sys
2018-06-30 11:26:44 ----A---- C:\Windows\system32\drivers\srv.sys
2018-06-30 11:26:44 ----A---- C:\Windows\system32\clfs.sys
2018-06-30 11:26:44 ----A---- C:\Windows\system32\catsrvut.dll
2018-06-30 11:26:43 ----A---- C:\Windows\system32\t2embed.dll
2018-06-30 11:26:43 ----A---- C:\Windows\system32\iprtrmgr.dll
2018-06-30 11:26:43 ----A---- C:\Windows\system32\drivers\videoprt.sys
2018-06-30 11:26:43 ----A---- C:\Windows\system32\drivers\netbios.sys
2018-06-30 11:26:43 ----A---- C:\Windows\system32\drivers\mpsdrv.sys
2018-06-30 11:26:43 ----A---- C:\Windows\system32\drivers\luafv.sys
2018-06-30 11:26:43 ----A---- C:\Windows\system32\atmfd.dll
2018-06-30 11:26:42 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2018-06-30 11:26:42 ----A---- C:\Windows\system32\wow64.dll
2018-06-30 11:26:42 ----A---- C:\Windows\system32\smss.exe
2018-06-30 11:26:42 ----A---- C:\Windows\system32\rpchttp.dll
2018-06-30 11:26:42 ----A---- C:\Windows\system32\ntdll.dll
2018-06-30 11:26:42 ----A---- C:\Windows\system32\hal.dll
2018-06-30 11:26:42 ----A---- C:\Windows\system32\drivers\rdyboost.sys
2018-06-30 11:26:42 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2018-06-30 11:26:41 ----A---- C:\Windows\system32\drivers\termdd.sys
2018-06-30 11:26:41 ----A---- C:\Windows\system32\drivers\hidparse.sys
2018-06-30 11:26:41 ----A---- C:\Windows\system32\drivers\hidclass.sys
2018-06-30 11:26:41 ----A---- C:\Windows\system32\drivers\acpi.sys
2018-06-30 11:26:40 ----A---- C:\Windows\SYSWOW64\webservices.dll
2018-06-30 11:26:40 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2018-06-30 11:26:40 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2018-06-30 11:26:40 ----A---- C:\Windows\SYSWOW64\ole32.dll
2018-06-30 11:26:40 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2018-06-30 11:26:40 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2018-06-30 11:26:40 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2018-06-30 11:26:40 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2018-06-30 11:26:40 ----A---- C:\Windows\system32\wsnmp32.dll
2018-06-30 11:26:40 ----A---- C:\Windows\system32\wintrust.dll
2018-06-30 11:26:40 ----A---- C:\Windows\system32\winlogon.exe
2018-06-30 11:26:40 ----A---- C:\Windows\system32\TSpkg.dll
2018-06-30 11:26:40 ----A---- C:\Windows\system32\sspicli.dll
2018-06-30 11:26:40 ----A---- C:\Windows\system32\srvsvc.dll
2018-06-30 11:26:40 ----A---- C:\Windows\system32\scesrv.dll
2018-06-30 11:26:40 ----A---- C:\Windows\system32\rpcss.dll
2018-06-30 11:26:40 ----A---- C:\Windows\system32\ncsi.dll
2018-06-30 11:26:40 ----A---- C:\Windows\system32\msv1_0.dll
2018-06-30 11:26:40 ----A---- C:\Windows\system32\lpk.dll
2018-06-30 11:26:40 ----A---- C:\Windows\system32\drivers\msrpc.sys
2018-06-30 11:26:40 ----A---- C:\Windows\system32\cryptsvc.dll
2018-06-30 11:26:40 ----A---- C:\Windows\system32\cryptnet.dll
2018-06-30 11:26:39 ----A---- C:\Windows\system32\ieui.dll
2018-06-30 11:26:39 ----A---- C:\Windows\system32\ieframe.dll
2018-06-30 11:26:39 ----A---- C:\Windows\system32\dxtmsft.dll
2018-06-30 11:26:38 ----A---- C:\Windows\system32\wininet.dll
2018-06-30 11:26:38 ----A---- C:\Windows\system32\webcheck.dll
2018-06-30 11:26:38 ----A---- C:\Windows\system32\mshtmlmedia.dll
2018-06-30 11:26:38 ----A---- C:\Windows\system32\mshtmled.dll
2018-06-30 11:26:38 ----A---- C:\Windows\system32\jsproxy.dll
2018-06-30 11:26:38 ----A---- C:\Windows\system32\jscript9diag.dll
2018-06-30 11:26:38 ----A---- C:\Windows\system32\jscript9.dll
2018-06-30 11:26:38 ----A---- C:\Windows\system32\jscript.dll
2018-06-30 11:26:37 ----A---- C:\Windows\system32\msrating.dll
2018-06-30 11:26:37 ----A---- C:\Windows\system32\MshtmlDac.dll
2018-06-30 11:26:37 ----A---- C:\Windows\system32\mscms.dll
2018-06-30 11:26:37 ----A---- C:\Windows\system32\drivers\http.sys
2018-06-30 11:26:36 ----A---- C:\Windows\system32\winhttp.dll
2018-06-30 11:26:36 ----A---- C:\Windows\system32\nlasvc.dll
2018-06-30 11:26:36 ----A---- C:\Windows\system32\IKEEXT.DLL
2018-06-30 11:26:36 ----A---- C:\Windows\system32\drivers\tcpip.sys
2018-06-30 11:26:36 ----A---- C:\Windows\system32\drivers\rdbss.sys
2018-06-30 11:26:36 ----A---- C:\Windows\system32\drivers\ndis.sys
2018-06-30 11:26:36 ----A---- C:\Windows\system32\BFE.DLL
2018-06-30 11:26:35 ----A---- C:\Windows\system32\win32k.sys
2018-06-30 11:26:35 ----A---- C:\Windows\system32\msi.dll
2018-06-30 11:26:35 ----A---- C:\Windows\system32\MPSSVC.dll
2018-06-30 11:26:35 ----A---- C:\Windows\system32\inetcomm.dll
2018-06-30 11:26:35 ----A---- C:\Windows\system32\FirewallAPI.dll
2018-06-30 11:26:35 ----A---- C:\Windows\system32\comsvcs.dll
2018-06-30 11:26:34 ----A---- C:\Windows\system32\rpcrt4.dll
2018-06-30 11:26:34 ----A---- C:\Windows\system32\ntoskrnl.exe
2018-06-30 11:26:34 ----A---- C:\Windows\system32\lsasrv.dll
2018-06-30 11:26:34 ----A---- C:\Windows\system32\kerberos.dll
2018-06-30 11:26:34 ----A---- C:\Windows\system32\advapi32.dll
2018-06-30 11:26:33 ----A---- C:\Windows\system32\webservices.dll
2018-06-30 11:26:33 ----A---- C:\Windows\system32\oleaut32.dll
2018-06-30 11:26:33 ----A---- C:\Windows\system32\ole32.dll
2018-06-30 11:26:33 ----A---- C:\Windows\system32\mshtml.dll
2018-06-30 11:26:33 ----A---- C:\Windows\system32\drivers\ntfs.sys
2018-06-30 11:26:33 ----A---- C:\Windows\system32\crypt32.dll
2018-06-30 11:26:32 ----A---- C:\Windows\system32\mf.dll
2018-06-30 11:26:31 ----A---- C:\Windows\SYSWOW64\zipfldr.dll
2018-06-30 11:26:31 ----A---- C:\Windows\SYSWOW64\StructuredQuery.dll
2018-06-30 11:26:31 ----A---- C:\Windows\SYSWOW64\msexcl40.dll
2018-06-30 11:26:31 ----A---- C:\Windows\SYSWOW64\mf.dll
2018-06-30 11:26:31 ----A---- C:\Windows\system32\zipfldr.dll
2018-06-30 11:26:31 ----A---- C:\Windows\system32\wuaueng.dll
2018-06-30 11:26:31 ----A---- C:\Windows\system32\winload.exe
2018-06-30 11:26:31 ----A---- C:\Windows\system32\StructuredQuery.dll
2018-06-30 11:26:31 ----A---- C:\Windows\system32\sdchange.exe
2018-06-30 11:26:31 ----A---- C:\Windows\system32\rstrui.exe
2018-06-30 11:26:31 ----A---- C:\Windows\system32\rasdiag.dll
2018-06-30 11:26:31 ----A---- C:\Windows\system32\msrahc.dll
2018-06-30 11:26:31 ----A---- C:\Windows\system32\msra.exe
2018-06-30 11:26:30 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2018-06-30 11:26:30 ----A---- C:\Windows\SYSWOW64\t2embed.dll
2018-06-30 11:26:30 ----A---- C:\Windows\SYSWOW64\sdchange.exe
2018-06-30 11:26:30 ----A---- C:\Windows\SYSWOW64\scksp.dll
2018-06-30 11:26:30 ----A---- C:\Windows\SYSWOW64\rasdiag.dll
2018-06-30 11:26:30 ----A---- C:\Windows\SYSWOW64\rascfg.dll
2018-06-30 11:26:30 ----A---- C:\Windows\SYSWOW64\msra.exe
2018-06-30 11:26:30 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2018-06-30 11:26:30 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2018-06-30 11:26:30 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2018-06-30 11:26:30 ----A---- C:\Windows\SYSWOW64\basecsp.dll
2018-06-30 11:26:30 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2018-06-30 11:26:30 ----A---- C:\Windows\system32\wucltux.dll
2018-06-30 11:26:30 ----A---- C:\Windows\system32\wfapigp.dll
2018-06-30 11:26:30 ----A---- C:\Windows\system32\traffic.dll
2018-06-30 11:26:30 ----A---- C:\Windows\system32\scksp.dll
2018-06-30 11:26:30 ----A---- C:\Windows\system32\rasser.dll
2018-06-30 11:26:30 ----A---- C:\Windows\system32\ncrypt.dll
2018-06-30 11:26:30 ----A---- C:\Windows\system32\msaudite.dll
2018-06-30 11:26:30 ----A---- C:\Windows\system32\itss.dll
2018-06-30 11:26:30 ----A---- C:\Windows\system32\icfupgd.dll
2018-06-30 11:26:30 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2018-06-30 11:26:30 ----A---- C:\Windows\system32\ci.dll
2018-06-30 11:26:30 ----A---- C:\Windows\system32\bcrypt.dll
2018-06-30 11:26:30 ----A---- C:\Windows\system32\basecsp.dll
2018-06-30 11:26:30 ----A---- C:\Windows\system32\adtschema.dll
2018-06-30 11:26:29 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2018-06-30 11:26:29 ----A---- C:\Windows\SYSWOW64\wups.dll
2018-06-30 11:26:29 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2018-06-30 11:26:29 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2018-06-30 11:26:29 ----A---- C:\Windows\SYSWOW64\WcsPlugInService.dll
2018-06-30 11:26:29 ----A---- C:\Windows\SYSWOW64\traffic.dll
2018-06-30 11:26:29 ----A---- C:\Windows\SYSWOW64\srclient.dll
2018-06-30 11:26:29 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2018-06-30 11:26:29 ----A---- C:\Windows\SYSWOW64\oleres.dll
2018-06-30 11:26:29 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2018-06-30 11:26:29 ----A---- C:\Windows\SYSWOW64\mfps.dll
2018-06-30 11:26:29 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2018-06-30 11:26:29 ----A---- C:\Windows\SYSWOW64\mferror.dll
2018-06-30 11:26:29 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2018-06-30 11:26:29 ----A---- C:\Windows\system32\wuwebv.dll
2018-06-30 11:26:29 ----A---- C:\Windows\system32\wups2.dll
2018-06-30 11:26:29 ----A---- C:\Windows\system32\wups.dll
2018-06-30 11:26:29 ----A---- C:\Windows\system32\wudriver.dll
2018-06-30 11:26:29 ----A---- C:\Windows\system32\wuauclt.exe
2018-06-30 11:26:29 ----A---- C:\Windows\system32\wuapp.exe
2018-06-30 11:26:29 ----A---- C:\Windows\system32\wuapi.dll
2018-06-30 11:26:29 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2018-06-30 11:26:29 ----A---- C:\Windows\system32\WinSetupUI.dll
2018-06-30 11:26:29 ----A---- C:\Windows\system32\WcsPlugInService.dll
2018-06-30 11:26:29 ----A---- C:\Windows\system32\rrinstaller.exe
2018-06-30 11:26:29 ----A---- C:\Windows\system32\rasmxs.dll
2018-06-30 11:26:29 ----A---- C:\Windows\system32\oleres.dll
2018-06-30 11:26:29 ----A---- C:\Windows\system32\msobjs.dll
2018-06-30 11:26:29 ----A---- C:\Windows\system32\mfps.dll
2018-06-30 11:26:29 ----A---- C:\Windows\system32\mfpmp.exe
2018-06-30 11:26:29 ----A---- C:\Windows\system32\mferror.dll
2018-06-30 11:26:29 ----A---- C:\Windows\system32\drivers\cng.sys
2018-06-30 11:26:29 ----A---- C:\Windows\system32\cryptbase.dll
2018-06-30 11:25:33 ----A---- C:\Windows\system32\appraiser.dll
2018-06-30 11:25:33 ----A---- C:\Windows\system32\aitstatic.exe
2018-06-30 11:25:33 ----A---- C:\Windows\system32\acmigration.dll
2018-06-30 11:25:32 ----A---- C:\Windows\system32\invagent.dll
2018-06-30 11:25:32 ----A---- C:\Windows\system32\generaltel.dll
2018-06-30 11:25:32 ----A---- C:\Windows\system32\devinv.dll
2018-06-30 11:25:32 ----A---- C:\Windows\system32\CompatTelRunner.exe
2018-06-30 11:25:32 ----A---- C:\Windows\system32\centel.dll
2018-06-30 11:25:32 ----A---- C:\Windows\system32\aepic.dll
2018-06-30 11:25:32 ----A---- C:\Windows\system32\aeinv.dll
2018-06-30 10:52:14 ----A---- C:\Windows\system32\aswBoot.exe
2018-06-30 09:28:34 ----D---- C:\Program Files (x86)\AVAST Software

======List of files/folders modified in the last 1 month======

2018-06-30 13:09:33 ----D---- C:\Program Files\trend micro
2018-06-30 13:07:44 ----D---- C:\Windows\Temp
2018-06-30 13:06:16 ----D---- C:\Windows\inf
2018-06-30 13:06:16 ----D---- C:\Windows\debug
2018-06-30 13:06:16 ----D---- C:\Windows
2018-06-30 13:06:16 ----D---- C:\Users\doma\AppData\Roaming\uTorrent
2018-06-30 13:03:29 ----SHD---- C:\System Volume Information
2018-06-30 13:03:24 ----D---- C:\Windows\system32\config
2018-06-30 13:00:12 ----D---- C:\Windows\system32\Tasks
2018-06-30 13:00:07 ----D---- C:\Program Files
2018-06-30 12:59:10 ----D---- C:\Windows\System32
2018-06-30 12:59:10 ----A---- C:\Windows\system32\PerfStringBackup.INI
2018-06-30 12:52:16 ----D---- C:\ProgramData\NVIDIA
2018-06-30 12:50:21 ----RSD---- C:\Windows\assembly
2018-06-30 12:50:21 ----D---- C:\Windows\Microsoft.NET
2018-06-30 12:47:00 ----D---- C:\Windows\SYSWOW64\Macromed
2018-06-30 12:44:11 ----D---- C:\Windows\winsxs
2018-06-30 12:15:57 ----D---- C:\Windows\SysWOW64
2018-06-30 12:15:57 ----D---- C:\Windows\system32\drivers\cs-CZ
2018-06-30 12:15:56 ----RSD---- C:\Windows\Fonts
2018-06-30 12:15:56 ----D---- C:\Windows\system32\drivers
2018-06-30 12:15:56 ----D---- C:\Windows\system32\appraiser
2018-06-30 12:15:56 ----D---- C:\Windows\AppPatch
2018-06-30 12:15:51 ----D---- C:\Windows\SYSWOW64\Setup
2018-06-30 12:15:51 ----D---- C:\Windows\SYSWOW64\migration
2018-06-30 12:15:51 ----D---- C:\Windows\SYSWOW64\en-US
2018-06-30 12:15:51 ----D---- C:\Windows\SYSWOW64\cs-CZ
2018-06-30 12:15:51 ----D---- C:\Windows\ehome
2018-06-30 12:15:51 ----D---- C:\Program Files\Windows Media Player
2018-06-30 12:15:51 ----D---- C:\Program Files\Internet Explorer
2018-06-30 12:15:49 ----D---- C:\Windows\system32\Setup
2018-06-30 12:15:49 ----D---- C:\Windows\system32\migration
2018-06-30 12:15:49 ----D---- C:\Windows\system32\en-US
2018-06-30 12:15:49 ----D---- C:\Windows\system32\drivers\en-US
2018-06-30 12:15:49 ----D---- C:\Windows\system32\cs-CZ
2018-06-30 12:15:48 ----D---- C:\Program Files (x86)\Internet Explorer
2018-06-30 12:15:47 ----D---- C:\Windows\system32\CodeIntegrity
2018-06-30 12:15:47 ----D---- C:\Windows\system32\Boot
2018-06-30 12:15:47 ----D---- C:\Program Files (x86)\Windows Media Player
2018-06-30 12:15:45 ----D---- C:\Windows\system32\DriverStore
2018-06-30 11:53:32 ----SHD---- C:\Windows\Installer
2018-06-30 11:50:26 ----D---- C:\ProgramData\Microsoft Help
2018-06-30 11:49:51 ----D---- C:\Windows\system32\MRT
2018-06-30 11:46:26 ----AC---- C:\Windows\system32\MRT-KB890830.exe
2018-06-30 11:46:17 ----AC---- C:\Windows\system32\MRT.exe
2018-06-30 11:41:50 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2018-06-30 11:37:12 ----A---- C:\Windows\win.ini
2018-06-30 11:34:54 ----D---- C:\Windows\Logs
2018-06-30 11:33:50 ----D---- C:\Windows\system32\catroot2
2018-06-30 11:00:05 ----D---- C:\Program Files (x86)\Common Files
2018-06-30 10:59:30 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2018-06-30 10:59:15 ----D---- C:\Windows\Prefetch
2018-06-30 10:59:12 ----D---- C:\Program Files (x86)\Java
2018-06-30 10:58:45 ----D---- C:\Program Files\WinRAR
2018-06-30 09:34:11 ----D---- C:\ProgramData\AVAST Software
2018-06-30 09:28:34 ----RD---- C:\Program Files (x86)
2018-06-14 19:04:04 ----D---- C:\Program Files (x86)\The KMPlayer
2018-06-10 08:35:43 ----D---- C:\Windows\system32\LogFiles
2018-06-08 08:08:08 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2018-06-08 08:08:05 ----D---- C:\Windows\system32\Macromed
2018-06-02 22:55:00 ----D---- C:\Program Files (x86)\Diablo III
2018-06-02 22:52:10 ----D---- C:\Program Files (x86)\Battle.net

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [2018-06-30 201328]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswbloga.sys [2018-06-30 346664]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [2018-06-30 59592]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2018-06-30 85968]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2018-06-30 381584]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2018-01-01 213736]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2016-03-14 834544]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2018-06-30 197160]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [2018-06-30 229392]
R1 aswHdsKe;aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [2018-06-30 239680]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2018-06-30 111872]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2018-06-30 1027728]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2018-06-30 463080]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2018-06-30 159640]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2018-06-30 211160]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2017-08-10 254528]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-12-11 4351960]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-11-28 197408]
R3 NVNET;NVIDIA nForce 10/100 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmf6264.sys [2010-08-12 350952]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2016-10-18 27584]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2016-08-04 56384]
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys [2018-06-30 46976]
S3 DrvAgent64;DrvAgent64; \??\C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS []
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2017-08-10 30264]
S3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2017-08-10 47672]
S3 grmnusb;grmnusb; C:\Windows\system32\drivers\grmnusb.sys [2012-04-18 19304]
S3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-23 261120]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2014-05-03 34816]
S3 wdm_usb;wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [2016-03-10 151184]
S3 WinUsb;Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2018-02-09 83984]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2018-06-30 322464]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-10-04 107624]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-10-03 128608]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2016-10-18 1163712]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2016-10-18 1879488]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2016-10-18 2521024]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2016-10-18 932728]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2014-12-11 292568]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2016-10-18 424384]
R2 WCAssistantService;WC Assistant; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [2018-05-19 25704]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2018-06-30 7780400]
R3 NvStreamNetworkSvc;NVIDIA Streamer Network Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [2016-10-18 3632576]
S2 avast;Služba %1!s! Update (avast); C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-06-30 164984]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-02-28 153168]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-06-08 335872]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-10-03 52832]
S3 avastm;Služba %1!s! Update (avastm); C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-06-30 164984]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-02-28 153168]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2018-05-25 116224]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-01-27 1255736]
S4 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]

-----------------EOF-----------------




INFO z RSIT :

info.txt logfile of random's system information tool 1.10 2018-06-30 13:09:36

======MBR======

0x33C08ED0BC007C8EC08ED8BE007CBF0006B90002FCF3A450681C06CBFBB90400BDBE07807E00007C0B0F850E0183C510E2F1CD1888560055C6461105C6461000B441BBAA55CD135D720F81FB55AA7509F7C101007403FE46106660807E1000742666680000000066FF760868000068007C680100681000B4428A56008BF4CD139F83C4109EEB14B80102BB007C8A56008A76018A4E028A6E03CD136661731CFE4E11750C807E00800F848A00B280EB845532E48A5600CD135DEB9E813EFE7D55AA756EFF7600E88D007517FAB0D1E664E88300B0DFE660E87C00B0FFE664E87500FBB800BBCD1A6623C0753B6681FB54435041753281F90201722C666807BB00006668000200006668080000006653665366556668000000006668007C0000666168000007CD1A5A32F6EA007C0000CD18A0B707EB08A0B607EB03A0B50732E40500078BF0AC3C007409BB0700B40ECD10EBF2F4EBFD2BC9E464EB002402E0F82402C3496E76616C696420706172746974696F6E207461626C65004572726F72206C6F6164696E67206F7065726174696E672073797374656D004D697373696E67206F7065726174696E672073797374656D000000637B9A7E07070500008020210007DF130C000800000020030000DF140C07FEFFFF0028030000D8310C00FEFFFF07FEFFFF0000350C00603B680000000000000000000000000000000055AA

======Uninstall list======

-->C:\Program Files (x86)\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\Windows\UNNeroBackItUp.exe /UNINSTALL
-->C:\Windows\UNNeroMediaHome.exe /UNINSTALL
-->C:\Windows\UNNeroShowTime.exe /UNINSTALL
-->C:\Windows\UNNeroVision.exe /UNINSTALL
-->C:\Windows\UNRecode.exe /UNINSTALL
-->MsiExec /X{80407BA7-7763-4395-AB98-5233F1B34E65}
Adobe Acrobat Reader DC - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-AC0F074E4100}
Adobe Flash Player 30 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_113_ActiveX.exe -maintain activex
Adobe Flash Player 30 NPAPI-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_113_Plugin.exe -maintain plugin
Adobe Refresh Manager-->MsiExec.exe /I{AC76BA86-0804-1033-1959-001824265200}
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {0A1FAC46-B899-421D-B1A2-470896DC45DB}
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {E68DD413-B834-4923-8181-0A03B7555187}
aTube Catcher verze 3.8-->"C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\unins000.exe"
aTube Catcher-->C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\uninstall.exe
Avast Free Antivirus-->C:\Program Files\AVAST Software\Avast\Setup\Instup.exe /control_panel
Avast Secure Browser-->"C:\Program Files (x86)\AVAST Software\Browser\AvastBrowserUninstall.exe" /run_source=cp
Avast Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Battle.net-->"C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe" --lang= --uid=battle.net --displayname="Battle.net"
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
DAEMON Tools Lite-->C:\Program Files (x86)\DAEMON Tools Lite\uninst.exe
Debugging Tools for Windows (x86)-->MsiExec.exe /I{300A2961-B2B5-4889-9CB9-5C2A570D08AD}
Diablo III-->"C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe" --lang=enUS --uid=diablo3_engb --displayname="Diablo III"
Doplněk Microsoft Save as PDF or XPS pro aplikace sady Microsoft Office 2007-->MsiExec.exe /X{90120000-00B2-0405-0000-0000000FF1CE}
Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.99\Installer\setup.exe" --uninstall --system-level --verbose-logging
Google Update Helper-->MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
Java 8 Update 151-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F32180151F0}
Java 8 Update 172-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F32180172F0}
K-Lite Mega Codec Pack 10.2.0-->"C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe"
KMPlayer (remove only)-->"C:\Program Files (x86)\The KMPlayer\uninstall.exe"
MediaInfo 0.7.98-->C:\Program Files (x86)\MediaInfo\uninst.exe
Microsoft .NET Framework 4.6.1 (CSY)-->MsiExec.exe /X{3C38CA01-7933-31E7-A1F6-EAA1DF9BEDF3}
Microsoft .NET Framework 4.6.1 (čeština)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.6.01055\CSY\\Setup.exe /repair /x86 /x64 /lcid 1029
Microsoft .NET Framework 4.7.1-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.7.02558\\Setup.exe /repair /x86 /x64
Microsoft .NET Framework 4.7.1-->MsiExec.exe /X{E0C7523C-686B-3EE6-8FB1-CB4339E30EDD}
Microsoft ASP.NET MVC 4 Runtime-->MsiExec.exe /X{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0015-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0019-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001A-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {664655D8-B9BB-455D-8A58-7EAF7B0B2862}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-002A-0405-1000-0000000FF1CE} /uninstall {A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6E107EB7-8B55-48BF-ACCB-199F86A2CD93}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0044-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-006E-0405-0000-0000000FF1CE} /uninstall {A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-00A1-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-00BA-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office Access MUI (Czech) 2007-->MsiExec.exe /X{90120000-0015-0405-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2007-->MsiExec.exe /X{90120000-0016-0405-0000-0000000FF1CE}
Microsoft Office File Validation Add-In-->MsiExec.exe /I{90140000-2005-0000-0000-0000000FF1CE}
Microsoft Office Groove MUI (Czech) 2007-->MsiExec.exe /X{90120000-00BA-0405-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2007-->MsiExec.exe /X{90120000-0044-0405-0000-0000000FF1CE}
Microsoft Office Office 64-bit Components 2007-->MsiExec.exe /X{90120000-002A-0000-1000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2007-->MsiExec.exe /X{90120000-00A1-0405-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2007-->MsiExec.exe /X{90120000-001A-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2007-->MsiExec.exe /X{90120000-0018-0405-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2007-->MsiExec.exe /X{90120000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2007-->MsiExec.exe /X{90120000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2007-->MsiExec.exe /X{90120000-002C-0405-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0405-0000-0000000FF1CE} /uninstall {0B7A4B67-2A38-42B1-9857-662FAB361E08}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {928D7B99-2BEA-49F9-83B8-20FA57860643}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {1FF96026-A04A-4C3E-B50A-BB7022654D0F}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-041B-0000-0000000FF1CE} /uninstall {FDF9A959-241A-4662-A8DE-7DED9C22D160}
Microsoft Office Publisher MUI (Czech) 2007-->MsiExec.exe /X{90120000-0019-0405-0000-0000000FF1CE}
Microsoft Office Shared 64-bit MUI (Czech) 2007-->MsiExec.exe /X{90120000-002A-0405-1000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2007-->MsiExec.exe /X{90120000-006E-0405-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2007-->MsiExec.exe /X{90120000-001B-0405-0000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{071c9b48-7c32-4621-a0ac-3f809523288f}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17-->MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729-->MsiExec.exe /X{6AFCA4E1-9B78-3640-8F72-A7BF33448200}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319-->MsiExec.exe /X{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319-->MsiExec.exe /X{196BB40D-1578-3D01-B289-BEFC77A11A1E}
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030-->"C:\ProgramData\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\vcredist_x64.exe" /uninstall
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030-->"C:\ProgramData\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe" /uninstall
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030-->MsiExec.exe /X{37B8F9C7-03FB-3253-8781-2517C99D7C00}
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030-->MsiExec.exe /X{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030-->MsiExec.exe /X{B175520C-86A2-35A7-8619-86DC379688B9}
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030-->MsiExec.exe /X{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005-->"C:\ProgramData\Package Cache\{51adbf11-493f-431c-a862-967a0fae2944}\vcredist_x64.exe" /uninstall
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005-->"C:\ProgramData\Package Cache\{7f51bdb9-ee21-49ee-94d6-90afc321780e}\vcredist_x64.exe" /uninstall
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005-->MsiExec.exe /X{929FBD26-9020-399B-9A7A-751D61F0B942}
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005-->MsiExec.exe /X{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}
MKVtoolnix 4.9.1-->C:\Program Files (x86)\MKVtoolnix\uninst.exe
Mp3 Knife 3.4-->"C:\Program Files (x86)\Mp3 Knife\unins000.exe"
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
Nero 7 Ultra Edition-->MsiExec.exe /I{4908C75E-E5E2-43F7-B1DF-023CBA831029}
NVIDIA Drivers-->C:\Program Files\NVIDIA Corporation\Uninstall\nvuninst.exe UninstallGUI
NVIDIA GeForce Experience 2.11.4.125-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.GFExperience
NVIDIA Ovladač 3D Vision 342.00-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.3DVision
NVIDIA Ovladač HD audia 1.3.30.1-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage HDAudio.Driver
NVIDIA Ovladač řídící jednotky 3D Vision 340.50-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.NVIRUSB
NVIDIA Ovladače grafiky 342.00-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.Driver
NVIDIA PhysX-->MsiExec.exe /I{80407BA7-7763-4395-AB98-5233F1B34E65}
NVIDIA Stereoscopic 3D Driver-->"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask
NVIDIA Systémový software PhysX 9.13.1220-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{F0627AAF-797E-47D6-91BA-B2B8440E7348}\NVI2.DLL",UninstallPackage Display.PhysX
PlayLiteM 1.0.1.4.LM-->"C:\Program Files (x86)\Mpeg4 Player Lite\unins000.exe"
Realtek High Definition Audio Driver-->C:\Program Files\Realtek\Audio\HDA\RtlUpd64.exe -r -m -nrg2709
Security Update for Microsoft Office 2007 suites (KB2596650) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {DF2F5DAC-93D7-434B-96B1-EAF4D891AD24}
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B145DBBB-7778-4A5D-9D2B-DA6569F02391}
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E34960DB-2A93-45DB-A208-02650F7AB09C}
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B7727B4D-5EA3-4C11-9D30-15E47616DCAF}
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {293FB6BE-D3EB-4162-B522-F9108040B9FE}
Security Update for Microsoft Office 2007 suites (KB2596904) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5BF3F29E-C924-48BB-AA3C-EA2BA14B7027}
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {2B3C041A-A7F2-4A24-968D-4BEB6A123D15}
Security Update for Microsoft Office 2007 suites (KB2825645) 32-Bit Edition -->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {BF11577A-6876-45AA-86C9-2BA4CFB8B019}
Security Update for Microsoft Office 2007 suites (KB2825645) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BF11577A-6876-45AA-86C9-2BA4CFB8B019}
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6B4A3804-666A-4DD8-84A7-B97701416784}
Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {36842896-D83B-4C92-8261-6312B7DEB562}
Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {4C1BE82B-9AC0-4AB9-B76D-5467131955E1}
Security Update for Microsoft Office 2007 suites (KB2881067) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {08F2015D-61E9-4252-9355-AB8D15C73C96}
Security Update for Microsoft Office 2007 suites (KB2956110) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {488CDF0A-098C-4CF5-8552-DA5F2F7B7829}
Security Update for Microsoft Office 2007 suites (KB2984938) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E359D786-B101-4545-B8AB-8652323CF3CA}
Security Update for Microsoft Office 2007 suites (KB2984943) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {800D1A82-D1B0-4ED4-89B4-C666B570ABA5}
Security Update for Microsoft Office 2007 suites (KB2986253) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1EBDB402-7B61-4224-994D-6882DC69F493}
Security Update for Microsoft Office 2007 suites (KB3085549) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8D2CDFAB-0079-43CC-A289-2F7A67F0A4DE}
Security Update for Microsoft Office 2007 suites (KB3213641) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F5E44FF6-5802-4FCC-B0CA-6C2C0C455CA3}
Security Update for Microsoft Office 2007 suites (KB4011656) 32-Bit Edition -->msiexec /package {90120000-006E-0405-0000-0000000FF1CE} /uninstall {57DF346A-74EF-4049-9DBE-8E035C2FCB27}
Security Update for Microsoft Office 2007 suites (KB4011715) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8711951B-FD11-4309-BD11-8A19551CEBC9}
Security Update for Microsoft Office Access 2007 (KB2596614) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7F774C8A-B1CE-486C-A64E-EA96AE48B813}
Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB4011717) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5C007116-E724-483B-BE67-870B5DB121A5}
Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB4018354) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {60463207-1C72-43FF-BE7E-E8E3A23FB756}
Security Update for Microsoft Office Excel 2007 (KB4018353) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {59859CCA-ECF5-407F-801A-99C0AA65DD92}
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8F311D6C-D8DD-4C32-9457-1A129CABD1A5}
Security Update for Microsoft Office InfoPath 2007 (KB3114426) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {26C5C75F-E1FD-4F95-AA29-CA221C3AFEEE}
Security Update for Microsoft Office OneNote 2007 (KB3114456) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E0F25378-0690-4F53-998A-F5D63412BBD7}
Security Update for Microsoft Office OneNote 2007 (KB3191829) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0FC61568-EC6B-4C62-ACAB-CA311D7A91FC}
Security Update for Microsoft Office Outlook 2007 (KB4011200) 32-Bit Edition -->msiexec /package {90120000-001A-0405-0000-0000000FF1CE} /uninstall {56AC5DA6-AF80-4B4D-BA80-82DB2434A621}
Security Update for Microsoft Office Outlook 2007 (KB4011200) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6612D084-0180-4A86-B2B3-FDFA4E7F9DF9}
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0EF0D4FB-BB23-4515-AAEA-1240AC2DA525}
Security Update for Microsoft Office PowerPoint 2007 (KB3213642) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {81769578-260D-428A-90BD-BDC1AD58061A}
Security Update for Microsoft Office Visio Viewer 2007 (KB2596915) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7FE99CC2-FBE5-422F-A6FB-49E0D8AFE919}
Security Update for Microsoft Office Word 2007 (KB4018355) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6C57A6AB-7AEC-47A2-BDA9-B157361F37DE}
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 4.7.1 (KB4054852)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.7.02558\setup.exe /uninstallpatch {F841DF5D-F64E-3B0A-BB90-6996634F216C}
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A024FC7B-77DE-45DE-A058-1C049A17BFB3}
Update for Microsoft Office 2007 suites (KB2596787) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {02206DCC-0CAF-46BB-8EDC-6C281AA21EFA}
Update for Microsoft Office 2007 suites (KB2596787) 32-Bit Edition-->msiexec /package {90120000-006E-0405-0000-0000000FF1CE} /uninstall {02206DCC-0CAF-46BB-8EDC-6C281AA21EFA}
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}
Update for Microsoft Office 2007 suites (KB2965286) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7C3337E5-1294-4270-A64F-DCEF812159E5}
Update for Microsoft Office 2007 suites (KB3213646) 32-Bit Edition-->msiexec /package {90120000-006E-0405-0000-0000000FF1CE} /uninstall {A10BE5CB-C704-4085-832B-8DCA2827CDFB}
Update for Microsoft Office 2007 suites (KB3213649) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E39085A9-74AC-465D-8240-E7AF57F3BA44}
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB3115461) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8C829BE5-F60C-417A-89E3-9A1B427320F2}
Update for Microsoft Office Publisher 2007 (KB4011203) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {962B4B3F-E8E5-4E11-B64B-1885D7F41BAA}
Web Companion-->C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanionInstaller.exe --uninstall
WinRAR 5.50 (64-bit)-->C:\Program Files\WinRAR\uninstall.exe

======Hosts File======

::1 localhost

======System event log======

Computer Name: doma-PC
Event Code: 7036
Message: Stav služby Služba WMI byl změněn na: Zastaveno
Record Number: 630329
Source Name: Service Control Manager
Time Written: 20171214204110.347800-000
Event Type: Informace
User:

Computer Name: doma-PC
Event Code: 7036
Message: Stav služby Šifrování byl změněn na: Zastaveno
Record Number: 630328
Source Name: Service Control Manager
Time Written: 20171214204110.301000-000
Event Type: Informace
User:

Computer Name: doma-PC
Event Code: 7036
Message: Stav služby Centrum zabezpečení byl změněn na: Zastaveno
Record Number: 630327
Source Name: Service Control Manager
Time Written: 20171214204110.269800-000
Event Type: Informace
User:

Computer Name: doma-PC
Event Code: 7036
Message: Stav služby SAMSUNG Mobile Connectivity Service byl změněn na: Zastaveno
Record Number: 630326
Source Name: Service Control Manager
Time Written: 20171214204110.238600-000
Event Type: Informace
User:

Computer Name: doma-PC
Event Code: 7036
Message: Stav služby SSDP Discovery byl změněn na: Zastaveno
Record Number: 630325
Source Name: Service Control Manager
Time Written: 20171214204110.051400-000
Event Type: Informace
User:

=====Application event log=====

Computer Name: doma-PC
Event Code: 903
Message: Služba Ochrana softwaru byla ukončena.

Record Number: 214532
Source Name: Microsoft-Windows-Security-SPP
Time Written: 20161127133848.000000-000
Event Type: Informace
User:

Computer Name: doma-PC
Event Code: 8224
Message: Služba VSS bude ukončena z důvodu vypršení časového limitu nečinnosti.
Record Number: 214531
Source Name: VSS
Time Written: 20161127133732.000000-000
Event Type: Informace
User:

Computer Name: doma-PC
Event Code: 8194
Message: Bod obnovení byl úspěšně vytvořen (Proces = C:\Windows\system32\svchost.exe -k netsvcs; Popis = Windows Update).
Record Number: 214530
Source Name: System Restore
Time Written: 20161127133420.000000-000
Event Type: Informace
User:

Computer Name: doma-PC
Event Code: 902
Message: Služba Ochrana softwaru byla spuštěna.
6.1.7601.17514
Record Number: 214529
Source Name: Microsoft-Windows-Security-SPP
Time Written: 20161127133348.000000-000
Event Type: Informace
User:

Computer Name: doma-PC
Event Code: 1003
Message: Služba Ochrana softwaru dokončila kontrolu stavu licencování.
ID aplikace=55c92734-d682-4d71-983e-d6ec3f16059f
Stav licencování=
1: 01f5fc37-a99e-45c5-b65e-d762f3518ead, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
2: 2e7d060d-4714-40f2-9896-1e4f15b612ad, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
3: 3b965dfc-31d9-4903-886f-873a0382776c, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
4: 586bc076-c93d-429a-afe5-a69fbc644e88, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
5: 5e017a8a-f3f9-4167-b1bd-ba3e236a4d8f, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
6: 5e35dc43-389b-47c5-b889-2088b06738cb, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
7: 6a7d5d8a-92af-4e6a-af4b-8fddaec800e5, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
8: 9ab82e0c-ffc9-4107-baa1-c65a8bd3ccc3, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
9: 9f83d90f-a151-4665-ae69-30b3f63ec659, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
10: a63275f4-530c-48a7-b0d3-4f00d688d151, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
11: b8a4bb91-69b1-460d-93f8-40e0670af04a, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
12: d2c04e90-c3dd-4260-b0f3-f845f5d27d64, 1, 1 [(0 [0x00000000, 1, 0], [(?)(?)( 1 0x00000000 0 0 msft:rm/algorithm/bios/4.0 0x00000000 0)(?)(?)(?)])(1 )(2 )]
13: e68b141f-4dfa-4387-b3b7-e65c4889216e, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
14: ee4e1629-bcdc-4b42-a68f-b92e135f78d7, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
15: 4a8149bb-7d61-49f4-8822-82c7bf88d64b, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
16: afd5f68f-b70f-4000-a21d-28dbc8be8b07, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]


Record Number: 214528
Source Name: Microsoft-Windows-Security-SPP
Time Written: 20161127133348.000000-000
Event Type: Informace
User:

=====Security event log=====

Computer Name: doma-PC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: DOMA-PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Typ přihlášení: 5

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x270
Název procesu: C:\Windows\System32\services.exe

Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 195404
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20171021061126.238800-000
Event Type: Úspěšný audit
User:

Computer Name: doma-PC
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7

Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 195403
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20171021061125.739600-000
Event Type: Úspěšný audit
User:

Computer Name: doma-PC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: DOMA-PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Typ přihlášení: 5

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x270
Název procesu: C:\Windows\System32\services.exe

Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 195402
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20171021061125.739600-000
Event Type: Úspěšný audit
User:

Computer Name: doma-PC
Event Code: 4634
Message: Účet byl odhlášen.

Předmět:
ID zabezpečení: S-1-5-21-3153835651-1892699775-2217729689-1001
Název účtu: doma
Doména účtu: doma-PC
ID přihlášení: 0x1be786

Typ přihlášení: 7

Tato událost je generována, pokud je zničena relace přihlášení. Může být spojena s událostí přihlášení pomocí hodnoty ID přihlášení. Hodnoty ID přihlášení jsou jednoznačné pouze v rámci jednotlivých restartů stejného počítače.
Record Number: 195401
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20171021053317.780000-000
Event Type: Úspěšný audit
User:

Computer Name: doma-PC
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.

Předmět:
ID zabezpečení: S-1-5-21-3153835651-1892699775-2217729689-1001
Název účtu: doma
Doména účtu: doma-PC
ID přihlášení: 0x1be786

Oprávnění: SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 195400
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20171021053317.780000-000
Event Type: Úspěšný audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\MKVtoolnix
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=16
"PROCESSOR_IDENTIFIER"=AMD64 Family 16 Model 5 Stepping 3, AuthenticAMD
"PROCESSOR_REVISION"=0503
"windows_tracing_logfile"=C:\BVTBin\Tests\installpackage\csilogfile.log
"windows_tracing_flags"=3

-----------------EOF-----------------

Re: čístka, zrychlení, preventivka

Napsal: 30 čer 2018 12:37
od afro-0
Ještě dodám že windows mám legální (licence při koupi pc)

a přikládám log z čístky ADW cleaneru.

# -------------------------------
# Malwarebytes AdwCleaner 7.2.1.0
# -------------------------------
# Build: 06-26-2018
# Database: 2018-06-29.1
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-30-2018
# Duration: 00:00:06
# OS: Windows 7 Home Premium
# Cleaned: 15
# Failed: 2


***** [ Services ] *****

Deleted WCAssistantService

***** [ Folders ] *****

Not Deleted C:\ProgramData\lavasoft\web companion
Not Deleted C:\Program Files (x86)\lavasoft\web companion
Deleted C:\Users\doma\AppData\Roaming\lavasoft\web companion
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}
Deleted HKCU\Software\Microsoft\Internet Explorer\Main|Start Page

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted http://www.istartsurf.com/?type=hppp&ts ... 9_1CB46422
Deleted http://www.istartsurf.com/?type=hp&ts=1 ... 9_1CB46422
Deleted istartsurf
Deleted istartsurf

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2725 octets] - [30/06/2018 13:29:28]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Re: čístka, zrychlení, preventivka

Napsal: 01 črc 2018 12:00
od Rudy
Zdravím!
Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]/64
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-

:commands
[Purity]
[Emptytemp]
[Emptyflash]
a klikněte na >MoveIt!<. Před skenem vypněte antivir a po něm restartujte PC. Dejte nový log RSIT.

Re: čístka, zrychlení, preventivka

Napsal: 01 črc 2018 12:29
od afro-0
Logfile of random's system information tool 1.10 (written by random/random)
Run by doma at 2018-07-01 13:28:07
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 22 GB (22%) free of 100 GB
Total RAM: 4095 MB (50% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:28:10, on 1.7.2018
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19036)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\trend micro\doma.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_172\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_172\bin\jp2ssv.dll
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [AvastBrowserAutoLaunch_75FB0DFF46A3918D104EF3B6503EF98A] "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" --check-run=src=logon --onboarding-at-startup
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - Startup: KooBits 4.lnk = C:\Program Files (x86)\KooBits 4.0\KooBits 4.0.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/4.2 ... rol_32.CAB
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Služba %1!s! Update (avast) (avast) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba %1!s! Update (avastm) (avastm) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7695 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
taskeng.exe {5667895D-7F97-4ABC-8771-C2554E2BB5B1}
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
C:\Windows\system32\msiexec.exe /V
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-ea84de42-5ce5-42e1-9994-8ff775f7f804 -SystemEventPortName:HostProcess-fc8c7435-2986-40da-ae9c-40e9ee7c4aaa -IoCancelEventPortName:HostProcess-a9e92380-18a1-4530-a77d-36767271404b -NonStateChangingEventPortName:HostProcess-b56f4a09-36e0-4fb9-87e2-c91452202ad5 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:7efd20a2-a65c-4c36-90d1-8c549cc38734 -DeviceGroupId:WpdFsGroup
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"taskhost.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "733262373-998118415208133864636510080483481586377173456194606620-417374240
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.141.333\AvastBrowserCrashHandler.exe"
"C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.141.333\AvastBrowserCrashHandler64.exe"
C:\Windows\system32\sppsvc.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
AvastUI.exe /nogui
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\doma\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\doma\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\doma\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=67.0.3396.99 --initial-client-data=0x88,0x8c,0x90,0x84,0x94,0x7feef153228,0x7feef153238,0x7feef153248
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=4452 --on-initialized-event-handle=364 --parent-handle=360 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1188,2699754609862575227,13711539311397922514,131072 --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --service-request-channel-token=F47431708A3CAF895CDE32B5450D4EFC --mojo-platform-channel-handle=1200 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1188,2699754609862575227,13711539311397922514,131072 --service-pipe-token=E50ACF62A97F3365F7F548356C6343AB --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=E50ACF62A97F3365F7F548356C6343AB --renderer-client-id=3 --mojo-platform-channel-handle=2324 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1188,2699754609862575227,13711539311397922514,131072 --service-pipe-token=DF2C3861DE7FC4D3E4E13C702ACD58C0 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=DF2C3861DE7FC4D3E4E13C702ACD58C0 --renderer-client-id=4 --mojo-platform-channel-handle=2644 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1188,2699754609862575227,13711539311397922514,131072 --service-pipe-token=9B186C600BE929F503C19E7C88C09EDE --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=9B186C600BE929F503C19E7C88C09EDE --renderer-client-id=5 --mojo-platform-channel-handle=2768 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1188,2699754609862575227,13711539311397922514,131072 --service-pipe-token=F42FC7EA48EA63D95C8DE4D6CC538BEE --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=F42FC7EA48EA63D95C8DE4D6CC538BEE --renderer-client-id=6 --mojo-platform-channel-handle=2880 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1188,2699754609862575227,13711539311397922514,131072 --service-pipe-token=59468F2C3104020C3184FA0D10D03D6B --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=59468F2C3104020C3184FA0D10D03D6B --renderer-client-id=7 --mojo-platform-channel-handle=3092 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1188,2699754609862575227,13711539311397922514,131072 --service-pipe-token=010ECC0AD5AA6788750B85E3C47F9830 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=010ECC0AD5AA6788750B85E3C47F9830 --renderer-client-id=8 --mojo-platform-channel-handle=3196 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1188,2699754609862575227,13711539311397922514,131072 --service-pipe-token=A888DB4281AF5898638D758E26C063D8 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=A888DB4281AF5898638D758E26C063D8 --renderer-client-id=9 --mojo-platform-channel-handle=3412 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1188,2699754609862575227,13711539311397922514,131072 --service-pipe-token=9BAB89AA2BADD6B635123F8D04CAE35E --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=9BAB89AA2BADD6B635123F8D04CAE35E --renderer-client-id=10 --mojo-platform-channel-handle=2528 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1188,2699754609862575227,13711539311397922514,131072 --service-pipe-token=F06016CEA723AF3D34C37480635720B0 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=F06016CEA723AF3D34C37480635720B0 --renderer-client-id=12 --mojo-platform-channel-handle=3640 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1188,2699754609862575227,13711539311397922514,131072 --service-pipe-token=4009980D4BCC6F3484B3DD72BF3312EB --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=4009980D4BCC6F3484B3DD72BF3312EB --renderer-client-id=18 --mojo-platform-channel-handle=3660 /prefetch:1
wmiadap.exe /F /T /R
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1188,2699754609862575227,13711539311397922514,131072 --service-pipe-token=5D7B1DC7275B33A5E33A2AB8EB17B37C --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=5D7B1DC7275B33A5E33A2AB8EB17B37C --renderer-client-id=26 --mojo-platform-channel-handle=7352 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1188,2699754609862575227,13711539311397922514,131072 --service-pipe-token=173137DBEBFBE1ECE346301F61A8BD30 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=173137DBEBFBE1ECE346301F61A8BD30 --renderer-client-id=27 --mojo-platform-channel-handle=7152 /prefetch:1
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 528 532 540 65536 536
"C:\Users\doma\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2018-06-30 938712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_172\bin\ssv.dll [2018-06-30 480200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-06-30 812248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_172\bin\jp2ssv.dll [2018-06-30 194504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-12-11 13776088]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2016-10-18 2397120]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2016-10-18 1767712]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2018-06-30 242904]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
"AvastBrowserAutoLaunch_75FB0DFF46A3918D104EF3B6503EF98A"=C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2018-06-12 1808264]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Users\doma\AppData\Roaming\uTorrent\uTorrent.exe [2018-06-30 1984184]

C:\Users\doma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
KooBits 4.lnk - C:\Program Files (x86)\KooBits 4.0\KooBits 4.0.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2018-07-01 13:21:25 ----D---- C:\_OTM
2018-06-30 13:28:36 ----D---- C:\AdwCleaner
2018-06-30 13:09:32 ----D---- C:\rsit
2018-06-30 13:00:07 ----D---- C:\Program Files\CCleaner
2018-06-30 11:30:11 ----SHD---- C:\Config.Msi
2018-06-30 11:28:24 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2018-06-30 11:28:24 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2018-06-30 11:28:24 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2018-06-30 11:28:24 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2018-06-30 11:28:24 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2018-06-30 11:28:24 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2018-06-30 11:28:23 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2018-06-30 11:28:23 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2018-06-30 11:28:23 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2018-06-30 11:28:23 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2018-06-30 11:28:23 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2018-06-30 11:28:23 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2018-06-30 11:28:23 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2018-06-30 11:28:23 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2018-06-30 11:28:23 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2018-06-30 11:28:23 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2018-06-30 11:28:23 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2018-06-30 11:28:23 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2018-06-30 11:28:23 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2018-06-30 11:28:23 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2018-06-30 11:28:23 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2018-06-30 11:28:23 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2018-06-30 11:28:23 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2018-06-30 11:28:23 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2018-06-30 11:28:23 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2018-06-30 11:28:23 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2018-06-30 11:28:23 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2018-06-30 11:28:23 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2018-06-30 11:28:23 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2018-06-30 11:28:23 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2018-06-30 11:28:23 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2018-06-30 11:28:23 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2018-06-30 11:28:23 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2018-06-30 11:28:23 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2018-06-30 11:28:23 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2018-06-30 11:28:23 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2018-06-30 11:28:23 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2018-06-30 11:28:23 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2018-06-30 11:28:21 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2018-06-30 11:28:21 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2018-06-30 11:28:21 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2018-06-30 11:28:21 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2018-06-30 11:28:17 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2018-06-30 11:28:17 ----A---- C:\Windows\system32\drivers\usbd.sys
2018-06-30 11:28:17 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2018-06-30 11:28:12 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2018-06-30 11:28:12 ----A---- C:\Windows\system32\wkssvc.dll
2018-06-30 11:28:12 ----A---- C:\Windows\system32\drivers\usbport.sys
2018-06-30 11:28:12 ----A---- C:\Windows\system32\drivers\usbohci.sys
2018-06-30 11:28:12 ----A---- C:\Windows\system32\drivers\usbhub.sys
2018-06-30 11:28:12 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2018-06-30 11:28:07 ----A---- C:\Windows\system32\ucrtbase.dll
2018-06-30 11:28:07 ----A---- C:\Windows\system32\drivers\dfsc.sys
2018-06-30 11:28:05 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2018-06-30 11:28:05 ----A---- C:\Windows\system32\drivers\usbehci.sys
2018-06-30 11:27:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-06-30 11:27:02 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-06-30 11:27:02 ----A---- C:\Windows\SYSWOW64\user.exe
2018-06-30 11:27:02 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2018-06-30 11:27:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2018-06-30 11:27:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-06-30 11:27:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-06-30 11:27:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-06-30 11:27:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-06-30 11:27:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-06-30 11:27:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-06-30 11:27:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2018-06-30 11:27:01 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-06-30 11:27:01 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-06-30 11:27:01 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-06-30 11:27:01 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-06-30 11:27:01 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-06-30 11:27:01 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-06-30 11:27:01 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-06-30 11:27:01 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-06-30 11:27:01 ----A---- C:\Windows\SYSWOW64\WcnEapPeerProxy.dll
2018-06-30 11:27:01 ----A---- C:\Windows\SYSWOW64\tquery.dll
2018-06-30 11:27:01 ----A---- C:\Windows\SYSWOW64\sscore.dll
2018-06-30 11:27:01 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2018-06-30 11:27:01 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2018-06-30 11:27:01 ----A---- C:\Windows\SYSWOW64\rasser.dll
2018-06-30 11:27:01 ----A---- C:\Windows\SYSWOW64\Query.dll
2018-06-30 11:27:01 ----A---- C:\Windows\SYSWOW64\P2P.dll
2018-06-30 11:27:01 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2018-06-30 11:27:01 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2018-06-30 11:27:01 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2018-06-30 11:27:01 ----A---- C:\Windows\SYSWOW64\mssph.dll
2018-06-30 11:27:01 ----A---- C:\Windows\SYSWOW64\mssitlb.dll
2018-06-30 11:27:01 ----A---- C:\Windows\SYSWOW64\msshooks.dll
2018-06-30 11:27:01 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2018-06-30 11:27:01 ----A---- C:\Windows\SYSWOW64\mprdim.dll
2018-06-30 11:27:01 ----A---- C:\Windows\SYSWOW64\instnm.exe
2018-06-30 11:27:01 ----A---- C:\Windows\SYSWOW64\inseng.dll
2018-06-30 11:27:01 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2018-06-30 11:27:01 ----A---- C:\Windows\SYSWOW64\fdWCN.dll
2018-06-30 11:27:01 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2018-06-30 11:27:01 ----A---- C:\Windows\SYSWOW64\comcat.dll
2018-06-30 11:27:01 ----A---- C:\Windows\SYSWOW64\certcli.dll
2018-06-30 11:27:01 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2018-06-30 11:27:01 ----A---- C:\Windows\system32\wshnetbs.dll
2018-06-30 11:27:01 ----A---- C:\Windows\system32\WcnEapPeerProxy.dll
2018-06-30 11:27:01 ----A---- C:\Windows\system32\spwmp.dll
2018-06-30 11:27:01 ----A---- C:\Windows\system32\SearchFilterHost.exe
2018-06-30 11:27:01 ----A---- C:\Windows\system32\Query.dll
2018-06-30 11:27:01 ----A---- C:\Windows\system32\mssphtb.dll
2018-06-30 11:27:01 ----A---- C:\Windows\system32\msshooks.dll
2018-06-30 11:27:01 ----A---- C:\Windows\system32\msscntrs.dll
2018-06-30 11:27:01 ----A---- C:\Windows\system32\msimsg.dll
2018-06-30 11:27:01 ----A---- C:\Windows\system32\KernelBase.dll
2018-06-30 11:27:01 ----A---- C:\Windows\system32\itircl.dll
2018-06-30 11:27:01 ----A---- C:\Windows\system32\iprtprio.dll
2018-06-30 11:27:01 ----A---- C:\Windows\system32\iernonce.dll
2018-06-30 11:27:01 ----A---- C:\Windows\system32\hhsetup.dll
2018-06-30 11:27:01 ----A---- C:\Windows\system32\dxmasf.dll
2018-06-30 11:27:01 ----A---- C:\Windows\system32\drivers\swenum.sys
2018-06-30 11:27:01 ----A---- C:\Windows\system32\drivers\mssmbios.sys
2018-06-30 11:27:01 ----A---- C:\Windows\system32\comcat.dll
2018-06-30 11:27:01 ----A---- C:\Windows\system32\cdosys.dll
2018-06-30 11:27:01 ----A---- C:\Windows\hh.exe
2018-06-30 11:27:00 ----A---- C:\Windows\SYSWOW64\setup16.exe
2018-06-30 11:27:00 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2018-06-30 11:27:00 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2018-06-30 11:27:00 ----A---- C:\Windows\SYSWOW64\MSVidCtl.dll
2018-06-30 11:27:00 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2018-06-30 11:27:00 ----A---- C:\Windows\SYSWOW64\itss.dll
2018-06-30 11:27:00 ----A---- C:\Windows\SYSWOW64\hhsetup.dll
2018-06-30 11:27:00 ----A---- C:\Windows\SYSWOW64\hh.exe
2018-06-30 11:27:00 ----A---- C:\Windows\SYSWOW64\cdosys.dll
2018-06-30 11:27:00 ----A---- C:\Windows\system32\winsrv.dll
2018-06-30 11:27:00 ----A---- C:\Windows\system32\wdigest.dll
2018-06-30 11:27:00 ----A---- C:\Windows\system32\tquery.dll
2018-06-30 11:27:00 ----A---- C:\Windows\system32\taskcomp.dll
2018-06-30 11:27:00 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2018-06-30 11:27:00 ----A---- C:\Windows\system32\SearchIndexer.exe
2018-06-30 11:27:00 ----A---- C:\Windows\system32\mssph.dll
2018-06-30 11:27:00 ----A---- C:\Windows\system32\mssitlb.dll
2018-06-30 11:27:00 ----A---- C:\Windows\system32\certcli.dll
2018-06-30 11:26:59 ----A---- C:\Windows\SYSWOW64\wow32.dll
2018-06-30 11:26:59 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2018-06-30 11:26:59 ----A---- C:\Windows\SYSWOW64\WcnEapAuthProxy.dll
2018-06-30 11:26:59 ----A---- C:\Windows\SYSWOW64\WcnApi.dll
2018-06-30 11:26:59 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2018-06-30 11:26:59 ----A---- C:\Windows\SYSWOW64\rasmxs.dll
2018-06-30 11:26:59 ----A---- C:\Windows\SYSWOW64\racpldlg.dll
2018-06-30 11:26:59 ----A---- C:\Windows\SYSWOW64\mssprxy.dll
2018-06-30 11:26:59 ----A---- C:\Windows\SYSWOW64\msimsg.dll
2018-06-30 11:26:59 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2018-06-30 11:26:59 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2018-06-30 11:26:59 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2018-06-30 11:26:59 ----A---- C:\Windows\SYSWOW64\itircl.dll
2018-06-30 11:26:59 ----A---- C:\Windows\SYSWOW64\credssp.dll
2018-06-30 11:26:59 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2018-06-30 11:26:59 ----A---- C:\Windows\system32\wshqos.dll
2018-06-30 11:26:59 ----A---- C:\Windows\system32\WcnEapAuthProxy.dll
2018-06-30 11:26:59 ----A---- C:\Windows\system32\rtm.dll
2018-06-30 11:26:59 ----A---- C:\Windows\system32\P2P.dll
2018-06-30 11:26:59 ----A---- C:\Windows\system32\msxml6r.dll
2018-06-30 11:26:59 ----A---- C:\Windows\system32\mprdim.dll
2018-06-30 11:26:59 ----A---- C:\Windows\system32\kernel32.dll
2018-06-30 11:26:59 ----A---- C:\Windows\system32\ieetwproxystub.dll
2018-06-30 11:26:59 ----A---- C:\Windows\system32\ieetwcollector.exe
2018-06-30 11:26:59 ----A---- C:\Windows\system32\fdWCN.dll
2018-06-30 11:26:59 ----A---- C:\Windows\system32\drivers\AGP440.sys
2018-06-30 11:26:59 ----A---- C:\Windows\system32\credssp.dll
2018-06-30 11:26:59 ----A---- C:\Windows\system32\auditpol.exe
2018-06-30 11:26:59 ----A---- C:\Windows\system32\atmlib.dll
2018-06-30 11:26:59 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2018-06-30 11:26:58 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2018-06-30 11:26:58 ----A---- C:\Windows\SYSWOW64\wmp.dll
2018-06-30 11:26:58 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2018-06-30 11:26:58 ----A---- C:\Windows\SYSWOW64\INETRES.dll
2018-06-30 11:26:58 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2018-06-30 11:26:58 ----A---- C:\Windows\system32\srclient.dll
2018-06-30 11:26:58 ----A---- C:\Windows\system32\setbcdlocale.dll
2018-06-30 11:26:58 ----A---- C:\Windows\system32\mssvp.dll
2018-06-30 11:26:58 ----A---- C:\Windows\system32\mssrch.dll
2018-06-30 11:26:58 ----A---- C:\Windows\system32\inseng.dll
2018-06-30 11:26:58 ----A---- C:\Windows\system32\ie4uinit.exe
2018-06-30 11:26:57 ----A---- C:\Windows\system32\spoolsv.exe
2018-06-30 11:26:57 ----A---- C:\Windows\system32\schedsvc.dll
2018-06-30 11:26:57 ----A---- C:\Windows\system32\msxml6.dll
2018-06-30 11:26:56 ----A---- C:\Windows\system32\wisptis.exe
2018-06-30 11:26:56 ----A---- C:\Windows\system32\WinSCard.dll
2018-06-30 11:26:56 ----A---- C:\Windows\system32\schannel.dll
2018-06-30 11:26:56 ----A---- C:\Windows\system32\MSVidCtl.dll
2018-06-30 11:26:56 ----A---- C:\Windows\system32\hlink.dll
2018-06-30 11:26:56 ----A---- C:\Windows\system32\conhost.exe
2018-06-30 11:26:55 ----A---- C:\Windows\SYSWOW64\wshqos.dll
2018-06-30 11:26:55 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2018-06-30 11:26:55 ----A---- C:\Windows\SYSWOW64\taskcomp.dll
2018-06-30 11:26:55 ----A---- C:\Windows\SYSWOW64\schannel.dll
2018-06-30 11:26:55 ----A---- C:\Windows\SYSWOW64\secur32.dll
2018-06-30 11:26:55 ----A---- C:\Windows\SYSWOW64\rtm.dll
2018-06-30 11:26:55 ----A---- C:\Windows\SYSWOW64\occache.dll
2018-06-30 11:26:55 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2018-06-30 11:26:55 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2018-06-30 11:26:55 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2018-06-30 11:26:55 ----A---- C:\Windows\SYSWOW64\iprtprio.dll
2018-06-30 11:26:55 ----A---- C:\Windows\SYSWOW64\gpedit.dll
2018-06-30 11:26:55 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2018-06-30 11:26:55 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2018-06-30 11:26:55 ----A---- C:\Windows\SYSWOW64\authui.dll
2018-06-30 11:26:55 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2018-06-30 11:26:55 ----A---- C:\Windows\SYSWOW64\actxprxy.dll
2018-06-30 11:26:55 ----A---- C:\Windows\system32\tzres.dll
2018-06-30 11:26:55 ----A---- C:\Windows\system32\streamci.dll
2018-06-30 11:26:55 ----A---- C:\Windows\system32\racpldlg.dll
2018-06-30 11:26:55 ----A---- C:\Windows\system32\p2psvc.dll
2018-06-30 11:26:55 ----A---- C:\Windows\system32\ntvdm64.dll
2018-06-30 11:26:55 ----A---- C:\Windows\system32\mssprxy.dll
2018-06-30 11:26:55 ----A---- C:\Windows\system32\msihnd.dll
2018-06-30 11:26:55 ----A---- C:\Windows\system32\drivers\ULIAGPKX.SYS
2018-06-30 11:26:55 ----A---- C:\Windows\system32\drivers\srvnet.sys
2018-06-30 11:26:55 ----A---- C:\Windows\system32\drivers\ndistapi.sys
2018-06-30 11:26:55 ----A---- C:\Windows\system32\drivers\isapnp.sys
2018-06-30 11:26:54 ----A---- C:\Windows\SYSWOW64\xpsrchvw.exe
2018-06-30 11:26:54 ----A---- C:\Windows\SYSWOW64\wcncsvc.dll
2018-06-30 11:26:54 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2018-06-30 11:26:54 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2018-06-30 11:26:54 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2018-06-30 11:26:54 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2018-06-30 11:26:54 ----A---- C:\Windows\system32\WcnApi.dll
2018-06-30 11:26:54 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-06-30 11:26:54 ----A---- C:\Windows\system32\drivers\appid.sys
2018-06-30 11:26:54 ----A---- C:\Windows\system32\appidsvc.dll
2018-06-30 11:26:54 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2018-06-30 11:26:53 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2018-06-30 11:26:53 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2018-06-30 11:26:53 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2018-06-30 11:26:53 ----A---- C:\Windows\system32\wmploc.DLL
2018-06-30 11:26:53 ----A---- C:\Windows\system32\urlmon.dll
2018-06-30 11:26:53 ----A---- C:\Windows\system32\srcore.dll
2018-06-30 11:26:53 ----A---- C:\Windows\system32\INETRES.dll
2018-06-30 11:26:53 ----A---- C:\Windows\system32\iedkcs32.dll
2018-06-30 11:26:52 ----A---- C:\Windows\system32\wmp.dll
2018-06-30 11:26:52 ----A---- C:\Windows\system32\occache.dll
2018-06-30 11:26:51 ----A---- C:\Windows\SYSWOW64\shell32.dll
2018-06-30 11:26:51 ----A---- C:\Windows\system32\sysmain.dll
2018-06-30 11:26:51 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2018-06-30 11:26:51 ----A---- C:\Windows\system32\gpedit.dll
2018-06-30 11:26:51 ----A---- C:\Windows\system32\ExplorerFrame.dll
2018-06-30 11:26:51 ----A---- C:\Windows\system32\consent.exe
2018-06-30 11:26:51 ----A---- C:\Windows\system32\authui.dll
2018-06-30 11:26:51 ----A---- C:\Windows\system32\actxprxy.dll
2018-06-30 11:26:50 ----A---- C:\Windows\SYSWOW64\wfapigp.dll
2018-06-30 11:26:50 ----A---- C:\Windows\SYSWOW64\nshwfp.dll
2018-06-30 11:26:50 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2018-06-30 11:26:50 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2018-06-30 11:26:50 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2018-06-30 11:26:50 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2018-06-30 11:26:50 ----A---- C:\Windows\SYSWOW64\jscript.dll
2018-06-30 11:26:50 ----A---- C:\Windows\SYSWOW64\iprtrmgr.dll
2018-06-30 11:26:50 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2018-06-30 11:26:50 ----A---- C:\Windows\SYSWOW64\icm32.dll
2018-06-30 11:26:50 ----A---- C:\Windows\SYSWOW64\FWPUCLNT.DLL
2018-06-30 11:26:50 ----A---- C:\Windows\SYSWOW64\catsrvut.dll
2018-06-30 11:26:50 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2018-06-30 11:26:50 ----A---- C:\Windows\system32\fontsub.dll
2018-06-30 11:26:50 ----A---- C:\Windows\system32\drivers\srv2.sys
2018-06-30 11:26:50 ----A---- C:\Windows\system32\drivers\NV_AGP.SYS
2018-06-30 11:26:50 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2018-06-30 11:26:50 ----A---- C:\Windows\system32\drivers\errdev.sys
2018-06-30 11:26:50 ----A---- C:\Windows\system32\dciman32.dll
2018-06-30 11:26:49 ----A---- C:\Windows\SYSWOW64\wsnmp32.dll
2018-06-30 11:26:49 ----A---- C:\Windows\SYSWOW64\WinSCard.dll
2018-06-30 11:26:49 ----A---- C:\Windows\SYSWOW64\tzres.dll
2018-06-30 11:26:49 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2018-06-30 11:26:49 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2018-06-30 11:26:49 ----A---- C:\Windows\SYSWOW64\scesrv.dll
2018-06-30 11:26:49 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2018-06-30 11:26:49 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2018-06-30 11:26:49 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2018-06-30 11:26:49 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2018-06-30 11:26:49 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2018-06-30 11:26:49 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2018-06-30 11:26:49 ----A---- C:\Windows\SYSWOW64\lpk.dll
2018-06-30 11:26:49 ----A---- C:\Windows\SYSWOW64\hlink.dll
2018-06-30 11:26:49 ----A---- C:\Windows\system32\wow64cpu.dll
2018-06-30 11:26:49 ----A---- C:\Windows\system32\sspisrv.dll
2018-06-30 11:26:49 ----A---- C:\Windows\system32\sscore.dll
2018-06-30 11:26:49 ----A---- C:\Windows\system32\secur32.dll
2018-06-30 11:26:49 ----A---- C:\Windows\system32\lsass.exe
2018-06-30 11:26:49 ----A---- C:\Windows\system32\drivers\wmiacpi.sys
2018-06-30 11:26:49 ----A---- C:\Windows\system32\drivers\volmgr.sys
2018-06-30 11:26:49 ----A---- C:\Windows\system32\drivers\pci.sys
2018-06-30 11:26:49 ----A---- C:\Windows\system32\drivers\ndproxy.sys
2018-06-30 11:26:49 ----A---- C:\Windows\system32\drivers\msisadrv.sys
2018-06-30 11:26:49 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2018-06-30 11:26:49 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2018-06-30 11:26:49 ----A---- C:\Windows\system32\drivers\hidusb.sys
2018-06-30 11:26:49 ----A---- C:\Windows\system32\csrsrv.dll
2018-06-30 11:26:49 ----A---- C:\Windows\system32\appinfo.dll
2018-06-30 11:26:49 ----A---- C:\Windows\system32\apisetschema.dll
2018-06-30 11:26:48 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2018-06-30 11:26:48 ----A---- C:\Windows\SYSWOW64\ieui.dll
2018-06-30 11:26:48 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2018-06-30 11:26:48 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2018-06-30 11:26:48 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2018-06-30 11:26:48 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2018-06-30 11:26:48 ----A---- C:\Windows\system32\xpsrchvw.exe
2018-06-30 11:26:48 ----A---- C:\Windows\system32\wcncsvc.dll
2018-06-30 11:26:48 ----A---- C:\Windows\system32\TabSvc.dll
2018-06-30 11:26:48 ----A---- C:\Windows\system32\rascfg.dll
2018-06-30 11:26:48 ----A---- C:\Windows\system32\pnrpsvc.dll
2018-06-30 11:26:48 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2018-06-30 11:26:48 ----A---- C:\Windows\system32\msfeeds.dll
2018-06-30 11:26:48 ----A---- C:\Windows\system32\dxtrans.dll
2018-06-30 11:26:48 ----A---- C:\Windows\system32\appidapi.dll
2018-06-30 11:26:47 ----A---- C:\Windows\system32\iesetup.dll
2018-06-30 11:26:47 ----A---- C:\Windows\system32\iertutil.dll
2018-06-30 11:26:47 ----A---- C:\Windows\system32\ieapfltr.dll
2018-06-30 11:26:46 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2018-06-30 11:26:46 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2018-06-30 11:26:46 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2018-06-30 11:26:46 ----A---- C:\Windows\system32\wow64win.dll
2018-06-30 11:26:46 ----A---- C:\Windows\system32\vbscript.dll
2018-06-30 11:26:46 ----A---- C:\Windows\system32\shell32.dll
2018-06-30 11:26:45 ----A---- C:\Windows\SYSWOW64\wininet.dll
2018-06-30 11:26:45 ----A---- C:\Windows\SYSWOW64\winhttp.dll
2018-06-30 11:26:45 ----A---- C:\Windows\SYSWOW64\msrating.dll
2018-06-30 11:26:45 ----A---- C:\Windows\SYSWOW64\mscms.dll
2018-06-30 11:26:45 ----A---- C:\Windows\system32\ieUnatt.exe
2018-06-30 11:26:45 ----A---- C:\Windows\system32\drivers\wanarp.sys
2018-06-30 11:26:45 ----A---- C:\Windows\system32\drivers\pacer.sys
2018-06-30 11:26:45 ----A---- C:\Windows\system32\drivers\netio.sys
2018-06-30 11:26:45 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2018-06-30 11:26:45 ----A---- C:\Windows\system32\drivers\fltMgr.sys
2018-06-30 11:26:44 ----A---- C:\Windows\SYSWOW64\msi.dll
2018-06-30 11:26:44 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2018-06-30 11:26:44 ----A---- C:\Windows\SYSWOW64\FirewallAPI.dll
2018-06-30 11:26:44 ----A---- C:\Windows\SYSWOW64\comsvcs.dll
2018-06-30 11:26:44 ----A---- C:\Windows\system32\nshwfp.dll
2018-06-30 11:26:44 ----A---- C:\Windows\system32\nlaapi.dll
2018-06-30 11:26:44 ----A---- C:\Windows\system32\msiexec.exe
2018-06-30 11:26:44 ----A---- C:\Windows\system32\icm32.dll
2018-06-30 11:26:44 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2018-06-30 11:26:44 ----A---- C:\Windows\system32\drivers\vdrvroot.sys
2018-06-30 11:26:44 ----A---- C:\Windows\system32\drivers\srv.sys
2018-06-30 11:26:44 ----A---- C:\Windows\system32\clfs.sys
2018-06-30 11:26:44 ----A---- C:\Windows\system32\catsrvut.dll
2018-06-30 11:26:43 ----A---- C:\Windows\system32\t2embed.dll
2018-06-30 11:26:43 ----A---- C:\Windows\system32\iprtrmgr.dll
2018-06-30 11:26:43 ----A---- C:\Windows\system32\drivers\videoprt.sys
2018-06-30 11:26:43 ----A---- C:\Windows\system32\drivers\netbios.sys
2018-06-30 11:26:43 ----A---- C:\Windows\system32\drivers\mpsdrv.sys
2018-06-30 11:26:43 ----A---- C:\Windows\system32\drivers\luafv.sys
2018-06-30 11:26:43 ----A---- C:\Windows\system32\atmfd.dll
2018-06-30 11:26:42 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2018-06-30 11:26:42 ----A---- C:\Windows\system32\wow64.dll
2018-06-30 11:26:42 ----A---- C:\Windows\system32\smss.exe
2018-06-30 11:26:42 ----A---- C:\Windows\system32\rpchttp.dll
2018-06-30 11:26:42 ----A---- C:\Windows\system32\ntdll.dll
2018-06-30 11:26:42 ----A---- C:\Windows\system32\hal.dll
2018-06-30 11:26:42 ----A---- C:\Windows\system32\drivers\rdyboost.sys
2018-06-30 11:26:42 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2018-06-30 11:26:41 ----A---- C:\Windows\system32\drivers\termdd.sys
2018-06-30 11:26:41 ----A---- C:\Windows\system32\drivers\hidparse.sys
2018-06-30 11:26:41 ----A---- C:\Windows\system32\drivers\hidclass.sys
2018-06-30 11:26:41 ----A---- C:\Windows\system32\drivers\acpi.sys
2018-06-30 11:26:40 ----A---- C:\Windows\SYSWOW64\webservices.dll
2018-06-30 11:26:40 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2018-06-30 11:26:40 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2018-06-30 11:26:40 ----A---- C:\Windows\SYSWOW64\ole32.dll
2018-06-30 11:26:40 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2018-06-30 11:26:40 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2018-06-30 11:26:40 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2018-06-30 11:26:40 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2018-06-30 11:26:40 ----A---- C:\Windows\system32\wsnmp32.dll
2018-06-30 11:26:40 ----A---- C:\Windows\system32\wintrust.dll
2018-06-30 11:26:40 ----A---- C:\Windows\system32\winlogon.exe
2018-06-30 11:26:40 ----A---- C:\Windows\system32\TSpkg.dll
2018-06-30 11:26:40 ----A---- C:\Windows\system32\sspicli.dll
2018-06-30 11:26:40 ----A---- C:\Windows\system32\srvsvc.dll
2018-06-30 11:26:40 ----A---- C:\Windows\system32\scesrv.dll
2018-06-30 11:26:40 ----A---- C:\Windows\system32\rpcss.dll
2018-06-30 11:26:40 ----A---- C:\Windows\system32\ncsi.dll
2018-06-30 11:26:40 ----A---- C:\Windows\system32\msv1_0.dll
2018-06-30 11:26:40 ----A---- C:\Windows\system32\lpk.dll
2018-06-30 11:26:40 ----A---- C:\Windows\system32\drivers\msrpc.sys
2018-06-30 11:26:40 ----A---- C:\Windows\system32\cryptsvc.dll
2018-06-30 11:26:40 ----A---- C:\Windows\system32\cryptnet.dll
2018-06-30 11:26:39 ----A---- C:\Windows\system32\ieui.dll
2018-06-30 11:26:39 ----A---- C:\Windows\system32\ieframe.dll
2018-06-30 11:26:39 ----A---- C:\Windows\system32\dxtmsft.dll
2018-06-30 11:26:38 ----A---- C:\Windows\system32\wininet.dll
2018-06-30 11:26:38 ----A---- C:\Windows\system32\webcheck.dll
2018-06-30 11:26:38 ----A---- C:\Windows\system32\mshtmlmedia.dll
2018-06-30 11:26:38 ----A---- C:\Windows\system32\mshtmled.dll
2018-06-30 11:26:38 ----A---- C:\Windows\system32\jsproxy.dll
2018-06-30 11:26:38 ----A---- C:\Windows\system32\jscript9diag.dll
2018-06-30 11:26:38 ----A---- C:\Windows\system32\jscript9.dll
2018-06-30 11:26:38 ----A---- C:\Windows\system32\jscript.dll
2018-06-30 11:26:37 ----A---- C:\Windows\system32\msrating.dll
2018-06-30 11:26:37 ----A---- C:\Windows\system32\MshtmlDac.dll
2018-06-30 11:26:37 ----A---- C:\Windows\system32\mscms.dll
2018-06-30 11:26:37 ----A---- C:\Windows\system32\drivers\http.sys
2018-06-30 11:26:36 ----A---- C:\Windows\system32\winhttp.dll
2018-06-30 11:26:36 ----A---- C:\Windows\system32\nlasvc.dll
2018-06-30 11:26:36 ----A---- C:\Windows\system32\IKEEXT.DLL
2018-06-30 11:26:36 ----A---- C:\Windows\system32\drivers\tcpip.sys
2018-06-30 11:26:36 ----A---- C:\Windows\system32\drivers\rdbss.sys
2018-06-30 11:26:36 ----A---- C:\Windows\system32\drivers\ndis.sys
2018-06-30 11:26:36 ----A---- C:\Windows\system32\BFE.DLL
2018-06-30 11:26:35 ----A---- C:\Windows\system32\win32k.sys
2018-06-30 11:26:35 ----A---- C:\Windows\system32\msi.dll
2018-06-30 11:26:35 ----A---- C:\Windows\system32\MPSSVC.dll
2018-06-30 11:26:35 ----A---- C:\Windows\system32\inetcomm.dll
2018-06-30 11:26:35 ----A---- C:\Windows\system32\FirewallAPI.dll
2018-06-30 11:26:35 ----A---- C:\Windows\system32\comsvcs.dll
2018-06-30 11:26:34 ----A---- C:\Windows\system32\rpcrt4.dll
2018-06-30 11:26:34 ----A---- C:\Windows\system32\ntoskrnl.exe
2018-06-30 11:26:34 ----A---- C:\Windows\system32\lsasrv.dll
2018-06-30 11:26:34 ----A---- C:\Windows\system32\kerberos.dll
2018-06-30 11:26:34 ----A---- C:\Windows\system32\advapi32.dll
2018-06-30 11:26:33 ----A---- C:\Windows\system32\webservices.dll
2018-06-30 11:26:33 ----A---- C:\Windows\system32\oleaut32.dll
2018-06-30 11:26:33 ----A---- C:\Windows\system32\ole32.dll
2018-06-30 11:26:33 ----A---- C:\Windows\system32\mshtml.dll
2018-06-30 11:26:33 ----A---- C:\Windows\system32\drivers\ntfs.sys
2018-06-30 11:26:33 ----A---- C:\Windows\system32\crypt32.dll
2018-06-30 11:26:32 ----A---- C:\Windows\system32\mf.dll
2018-06-30 11:26:31 ----A---- C:\Windows\SYSWOW64\zipfldr.dll
2018-06-30 11:26:31 ----A---- C:\Windows\SYSWOW64\StructuredQuery.dll
2018-06-30 11:26:31 ----A---- C:\Windows\SYSWOW64\msexcl40.dll
2018-06-30 11:26:31 ----A---- C:\Windows\SYSWOW64\mf.dll
2018-06-30 11:26:31 ----A---- C:\Windows\system32\zipfldr.dll
2018-06-30 11:26:31 ----A---- C:\Windows\system32\wuaueng.dll
2018-06-30 11:26:31 ----A---- C:\Windows\system32\winload.exe
2018-06-30 11:26:31 ----A---- C:\Windows\system32\StructuredQuery.dll
2018-06-30 11:26:31 ----A---- C:\Windows\system32\sdchange.exe
2018-06-30 11:26:31 ----A---- C:\Windows\system32\rstrui.exe
2018-06-30 11:26:31 ----A---- C:\Windows\system32\rasdiag.dll
2018-06-30 11:26:31 ----A---- C:\Windows\system32\msrahc.dll
2018-06-30 11:26:31 ----A---- C:\Windows\system32\msra.exe
2018-06-30 11:26:30 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2018-06-30 11:26:30 ----A---- C:\Windows\SYSWOW64\t2embed.dll
2018-06-30 11:26:30 ----A---- C:\Windows\SYSWOW64\sdchange.exe
2018-06-30 11:26:30 ----A---- C:\Windows\SYSWOW64\scksp.dll
2018-06-30 11:26:30 ----A---- C:\Windows\SYSWOW64\rasdiag.dll
2018-06-30 11:26:30 ----A---- C:\Windows\SYSWOW64\rascfg.dll
2018-06-30 11:26:30 ----A---- C:\Windows\SYSWOW64\msra.exe
2018-06-30 11:26:30 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2018-06-30 11:26:30 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2018-06-30 11:26:30 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2018-06-30 11:26:30 ----A---- C:\Windows\SYSWOW64\basecsp.dll
2018-06-30 11:26:30 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2018-06-30 11:26:30 ----A---- C:\Windows\system32\wucltux.dll
2018-06-30 11:26:30 ----A---- C:\Windows\system32\wfapigp.dll
2018-06-30 11:26:30 ----A---- C:\Windows\system32\traffic.dll
2018-06-30 11:26:30 ----A---- C:\Windows\system32\scksp.dll
2018-06-30 11:26:30 ----A---- C:\Windows\system32\rasser.dll
2018-06-30 11:26:30 ----A---- C:\Windows\system32\ncrypt.dll
2018-06-30 11:26:30 ----A---- C:\Windows\system32\msaudite.dll
2018-06-30 11:26:30 ----A---- C:\Windows\system32\itss.dll
2018-06-30 11:26:30 ----A---- C:\Windows\system32\icfupgd.dll
2018-06-30 11:26:30 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2018-06-30 11:26:30 ----A---- C:\Windows\system32\ci.dll
2018-06-30 11:26:30 ----A---- C:\Windows\system32\bcrypt.dll
2018-06-30 11:26:30 ----A---- C:\Windows\system32\basecsp.dll
2018-06-30 11:26:30 ----A---- C:\Windows\system32\adtschema.dll
2018-06-30 11:26:29 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2018-06-30 11:26:29 ----A---- C:\Windows\SYSWOW64\wups.dll
2018-06-30 11:26:29 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2018-06-30 11:26:29 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2018-06-30 11:26:29 ----A---- C:\Windows\SYSWOW64\WcsPlugInService.dll
2018-06-30 11:26:29 ----A---- C:\Windows\SYSWOW64\traffic.dll
2018-06-30 11:26:29 ----A---- C:\Windows\SYSWOW64\srclient.dll
2018-06-30 11:26:29 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2018-06-30 11:26:29 ----A---- C:\Windows\SYSWOW64\oleres.dll
2018-06-30 11:26:29 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2018-06-30 11:26:29 ----A---- C:\Windows\SYSWOW64\mfps.dll
2018-06-30 11:26:29 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2018-06-30 11:26:29 ----A---- C:\Windows\SYSWOW64\mferror.dll
2018-06-30 11:26:29 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2018-06-30 11:26:29 ----A---- C:\Windows\system32\wuwebv.dll
2018-06-30 11:26:29 ----A---- C:\Windows\system32\wups2.dll
2018-06-30 11:26:29 ----A---- C:\Windows\system32\wups.dll
2018-06-30 11:26:29 ----A---- C:\Windows\system32\wudriver.dll
2018-06-30 11:26:29 ----A---- C:\Windows\system32\wuauclt.exe
2018-06-30 11:26:29 ----A---- C:\Windows\system32\wuapp.exe
2018-06-30 11:26:29 ----A---- C:\Windows\system32\wuapi.dll
2018-06-30 11:26:29 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2018-06-30 11:26:29 ----A---- C:\Windows\system32\WinSetupUI.dll
2018-06-30 11:26:29 ----A---- C:\Windows\system32\WcsPlugInService.dll
2018-06-30 11:26:29 ----A---- C:\Windows\system32\rrinstaller.exe
2018-06-30 11:26:29 ----A---- C:\Windows\system32\rasmxs.dll
2018-06-30 11:26:29 ----A---- C:\Windows\system32\oleres.dll
2018-06-30 11:26:29 ----A---- C:\Windows\system32\msobjs.dll
2018-06-30 11:26:29 ----A---- C:\Windows\system32\mfps.dll
2018-06-30 11:26:29 ----A---- C:\Windows\system32\mfpmp.exe
2018-06-30 11:26:29 ----A---- C:\Windows\system32\mferror.dll
2018-06-30 11:26:29 ----A---- C:\Windows\system32\drivers\cng.sys
2018-06-30 11:26:29 ----A---- C:\Windows\system32\cryptbase.dll
2018-06-30 11:25:33 ----A---- C:\Windows\system32\appraiser.dll
2018-06-30 11:25:33 ----A---- C:\Windows\system32\aitstatic.exe
2018-06-30 11:25:33 ----A---- C:\Windows\system32\acmigration.dll
2018-06-30 11:25:32 ----A---- C:\Windows\system32\invagent.dll
2018-06-30 11:25:32 ----A---- C:\Windows\system32\generaltel.dll
2018-06-30 11:25:32 ----A---- C:\Windows\system32\devinv.dll
2018-06-30 11:25:32 ----A---- C:\Windows\system32\CompatTelRunner.exe
2018-06-30 11:25:32 ----A---- C:\Windows\system32\centel.dll
2018-06-30 11:25:32 ----A---- C:\Windows\system32\aepic.dll
2018-06-30 11:25:32 ----A---- C:\Windows\system32\aeinv.dll
2018-06-30 10:52:14 ----A---- C:\Windows\system32\aswBoot.exe
2018-06-30 09:28:34 ----D---- C:\Program Files (x86)\AVAST Software

======List of files/folders modified in the last 1 month======

2018-07-01 13:28:09 ----D---- C:\Program Files\trend micro
2018-07-01 13:23:40 ----D---- C:\Windows\Temp
2018-07-01 13:23:00 ----D---- C:\ProgramData\NVIDIA
2018-07-01 12:26:52 ----D---- C:\Windows\system32\config
2018-07-01 12:22:39 ----D---- C:\Windows\System32
2018-07-01 12:22:39 ----D---- C:\Windows\inf
2018-07-01 12:22:39 ----A---- C:\Windows\system32\PerfStringBackup.INI
2018-07-01 10:55:57 ----D---- C:\Windows\Microsoft.NET
2018-07-01 10:55:15 ----RSD---- C:\Windows\assembly
2018-07-01 10:30:07 ----D---- C:\Windows\SYSWOW64\Macromed
2018-06-30 13:35:16 ----D---- C:\Windows\system32\Tasks
2018-06-30 13:33:50 ----D---- C:\Windows
2018-06-30 13:32:38 ----D---- C:\Users\doma\AppData\Roaming\Lavasoft
2018-06-30 13:06:16 ----D---- C:\Windows\debug
2018-06-30 13:06:16 ----D---- C:\Users\doma\AppData\Roaming\uTorrent
2018-06-30 13:03:29 ----SHD---- C:\System Volume Information
2018-06-30 13:00:07 ----D---- C:\Program Files
2018-06-30 12:44:11 ----D---- C:\Windows\winsxs
2018-06-30 12:15:57 ----D---- C:\Windows\SysWOW64
2018-06-30 12:15:57 ----D---- C:\Windows\system32\drivers\cs-CZ
2018-06-30 12:15:56 ----RSD---- C:\Windows\Fonts
2018-06-30 12:15:56 ----D---- C:\Windows\system32\drivers
2018-06-30 12:15:56 ----D---- C:\Windows\system32\appraiser
2018-06-30 12:15:56 ----D---- C:\Windows\AppPatch
2018-06-30 12:15:51 ----D---- C:\Windows\SYSWOW64\Setup
2018-06-30 12:15:51 ----D---- C:\Windows\SYSWOW64\migration
2018-06-30 12:15:51 ----D---- C:\Windows\SYSWOW64\en-US
2018-06-30 12:15:51 ----D---- C:\Windows\SYSWOW64\cs-CZ
2018-06-30 12:15:51 ----D---- C:\Windows\ehome
2018-06-30 12:15:51 ----D---- C:\Program Files\Windows Media Player
2018-06-30 12:15:51 ----D---- C:\Program Files\Internet Explorer
2018-06-30 12:15:49 ----D---- C:\Windows\system32\Setup
2018-06-30 12:15:49 ----D---- C:\Windows\system32\migration
2018-06-30 12:15:49 ----D---- C:\Windows\system32\en-US
2018-06-30 12:15:49 ----D---- C:\Windows\system32\drivers\en-US
2018-06-30 12:15:49 ----D---- C:\Windows\system32\cs-CZ
2018-06-30 12:15:48 ----D---- C:\Program Files (x86)\Internet Explorer
2018-06-30 12:15:47 ----D---- C:\Windows\system32\CodeIntegrity
2018-06-30 12:15:47 ----D---- C:\Windows\system32\Boot
2018-06-30 12:15:47 ----D---- C:\Program Files (x86)\Windows Media Player
2018-06-30 12:15:45 ----D---- C:\Windows\system32\DriverStore
2018-06-30 11:53:32 ----SHD---- C:\Windows\Installer
2018-06-30 11:50:26 ----D---- C:\ProgramData\Microsoft Help
2018-06-30 11:49:51 ----D---- C:\Windows\system32\MRT
2018-06-30 11:46:26 ----AC---- C:\Windows\system32\MRT-KB890830.exe
2018-06-30 11:46:17 ----AC---- C:\Windows\system32\MRT.exe
2018-06-30 11:41:50 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2018-06-30 11:37:12 ----A---- C:\Windows\win.ini
2018-06-30 11:34:54 ----D---- C:\Windows\Logs
2018-06-30 11:33:50 ----D---- C:\Windows\system32\catroot2
2018-06-30 11:00:05 ----D---- C:\Program Files (x86)\Common Files
2018-06-30 10:59:30 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2018-06-30 10:59:15 ----D---- C:\Windows\Prefetch
2018-06-30 10:59:12 ----D---- C:\Program Files (x86)\Java
2018-06-30 10:58:45 ----D---- C:\Program Files\WinRAR
2018-06-30 09:34:11 ----D---- C:\ProgramData\AVAST Software
2018-06-30 09:28:34 ----RD---- C:\Program Files (x86)
2018-06-14 19:04:04 ----D---- C:\Program Files (x86)\The KMPlayer
2018-06-10 08:35:43 ----D---- C:\Windows\system32\LogFiles
2018-06-08 08:08:08 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2018-06-08 08:08:05 ----D---- C:\Windows\system32\Macromed
2018-06-02 22:55:00 ----D---- C:\Program Files (x86)\Diablo III
2018-06-02 22:52:10 ----D---- C:\Program Files (x86)\Battle.net

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [2018-06-30 201328]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswbloga.sys [2018-06-30 346664]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [2018-06-30 59592]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2018-06-30 85968]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2018-06-30 381584]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2018-01-01 213736]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2016-03-14 834544]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2018-06-30 197160]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [2018-06-30 229392]
R1 aswHdsKe;aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [2018-06-30 239680]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2018-06-30 111872]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2018-06-30 1027728]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2018-06-30 463080]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2018-06-30 159640]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2018-06-30 211160]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2017-08-10 254528]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-12-11 4351960]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-11-28 197408]
R3 NVNET;NVIDIA nForce 10/100 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmf6264.sys [2010-08-12 350952]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2016-10-18 27584]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2016-08-04 56384]
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys [2018-06-30 46976]
S3 DrvAgent64;DrvAgent64; \??\C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS []
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2017-08-10 30264]
S3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2017-08-10 47672]
S3 grmnusb;grmnusb; C:\Windows\system32\drivers\grmnusb.sys [2012-04-18 19304]
S3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-23 261120]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2014-05-03 34816]
S3 wdm_usb;wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [2016-03-10 151184]
S3 WinUsb;Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2018-02-09 83984]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2018-06-30 322464]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2016-10-18 1163712]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2016-10-18 1879488]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2016-10-18 2521024]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2016-10-18 932728]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2014-12-11 292568]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2016-10-18 424384]
R3 NvStreamNetworkSvc;NVIDIA Streamer Network Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [2016-10-18 3632576]
S2 avast;Služba %1!s! Update (avast); C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-06-30 164984]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-10-04 107624]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-10-03 128608]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-02-28 153168]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-06-08 335872]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-10-03 52832]
S3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2018-06-30 7780400]
S3 avastm;Služba %1!s! Update (avastm); C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-06-30 164984]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-02-28 153168]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2018-05-25 116224]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-01-27 1255736]
S4 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]

-----------------EOF-----------------

Re: čístka, zrychlení, preventivka

Napsal: 01 črc 2018 14:25
od Rudy
Smazáno. Zrychlil se PC?

Re: čístka, zrychlení, preventivka

Napsal: 01 črc 2018 19:13
od afro-0
Nijak výrazně ale ano, zkusil jsem pár operací a je to trochu lepší.
Bylo tam něco ? Bordel , havět apod. ?

Re: čístka, zrychlení, preventivka

Napsal: 01 črc 2018 20:09
od Rudy
Nějaká AdWary a zbytečnosti. Pokud je PC stále pomalý, zkuste defragmentovat disk.

Re: čístka, zrychlení, preventivka

Napsal: 08 črc 2018 18:42
od afro-0
Defragmentováno, mám to nastavené na automatickou defragmentaci.
Zdá se že se pc celkově o něco zrychlil, děkuji moc. Ještě nějaká operace nebo je to vše ? Děkuji mnohokrát.

Re: čístka, zrychlení, preventivka

Napsal: 08 črc 2018 18:55
od Rudy
Teď už jen odinstalování nepotřebných aplikací. Nemáte zač! :)
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz