VIRY.CZ

Dobrý den prosím o kontrolu logu

Avast mi napsal při testu po restartu,že mám infikovaný runservice.exe,stále se mi vypíná update
Předem děkuji tady je log:

Logfile of random's system information tool 1.10 (written by random/random)
Run by peta at 2018-08-04 13:23:53
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 67 GB (58%) free of 114 GB
Total RAM: 8144 MB (69% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:23:53, on 4.8.2018
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19081)
Boot mode: Normal

Running processes:
D:\Avast\AvastUI.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Windows\SysWOW64\UMonit64.exe
C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
D:\Avast\AvastUI.exe
C:\Program Files\trend micro\peta.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Avast\aswWebRepIE.dll
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - D:\Avast\x64\aswidsagenta.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - D:\Avast\AvastSvc.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - D:\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IObit Uninstaller Service (IObitUnSvr) - IObit - C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 6256 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
C:\Windows\system32\svchost.exe -k NetworkService
"D:\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
AvastUI.exe /nogui
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
"C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
\??\C:\Windows\system32\conhost.exe "10572550952101528479-9890906551518702278-1634878150-2042003635-825711807-1044500385
taskeng.exe {CC3F09B3-43A4-4761-9F59-1844255EEADA}
C:\Windows\SysWOW64\UMonit64.exe
"D:\Avast\x64\aswidsagenta.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe" /srvupt
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\peta\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\peta\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\peta\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=67.0.3396.99 --initial-client-data=0x88,0x8c,0x90,0x84,0x94,0x7feec523228,0x7feec523238,0x7feec523248
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=2308 --on-initialized-event-handle=348 --parent-handle=364 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1200,2025754297781690451,17888695047443584067,131072 --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --service-request-channel-token=7F17EFAFB67ACC8DEF4BA3ABEC914615 --mojo-platform-channel-handle=1192 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1200,2025754297781690451,17888695047443584067,131072 --service-pipe-token=D1B599ECBFF73880BECB9A3345308842 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=D1B599ECBFF73880BECB9A3345308842 --renderer-client-id=3 --mojo-platform-channel-handle=2648 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1200,2025754297781690451,17888695047443584067,131072 --service-pipe-token=1665146ABF35DFB81DAF95AF36A419FA --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=1665146ABF35DFB81DAF95AF36A419FA --renderer-client-id=49 --mojo-platform-channel-handle=3260 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1200,2025754297781690451,17888695047443584067,131072 --service-pipe-token=3FD050E8695A405082E31DD5EA272EE7 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=3FD050E8695A405082E31DD5EA272EE7 --renderer-client-id=56 --mojo-platform-channel-handle=2732 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1200,2025754297781690451,17888695047443584067,131072 --service-pipe-token=F2372E73C886460E6A2A1BFF0B066734 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=F2372E73C886460E6A2A1BFF0B066734 --renderer-client-id=60 --mojo-platform-channel-handle=5064 /prefetch:1
"D:\Avast\AvastUI.exe" --type=renderer --disable-gpu-compositing --disable-pinch --no-sandbox --primordial-pipe-token=7E4794C9AE3BA80E8E38F07670B6A150 --lang=en-US --lang=en-US --log-file="C:\Users\peta\AppData\Roaming\AVAST Software\Avast\log\cef_log.txt" --log-severity=error --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.3.2987.1601 Safari/537.36 Avastium (18.5.2342)" --proxy-auto-detect --disable-webaudio --force-wave-audio --disable-software-rasterizer --no-sandbox --blacklist-accelerated-compositing --disable-accelerated-2d-canvas --disable-accelerated-compositing --disable-accelerated-layers --disable-accelerated-video-decode --blacklist-webgl --disable-bundled-ppapi-flash --disable-flash-3d --enable-aggressive-domstorage-flushing --enable-media-stream --allow-file-access-from-files=1 --pack_loading_disabled=1 --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=7E4794C9AE3BA80E8E38F07670B6A150 --renderer-client-id=3 --mojo-platform-channel-handle=5588 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1200,2025754297781690451,17888695047443584067,131072 --service-pipe-token=12A2C89212FC6A008A8D0488AAE3BF42 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=12A2C89212FC6A008A8D0488AAE3BF42 --renderer-client-id=78 --mojo-platform-channel-handle=2932 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1200,2025754297781690451,17888695047443584067,131072 --service-pipe-token=86FD0D9E163DF1AD38ECA08284E8272B --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=86FD0D9E163DF1AD38ECA08284E8272B --renderer-client-id=79 --mojo-platform-channel-handle=5096 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1200,2025754297781690451,17888695047443584067,131072 --service-pipe-token=B16C691000D61475F9CAC3A7DF2D730D --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=B16C691000D61475F9CAC3A7DF2D730D --renderer-client-id=80 --mojo-platform-channel-handle=5724 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1200,2025754297781690451,17888695047443584067,131072 --service-pipe-token=89F44F3FD504FCE5C74F93478D9D220E --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=89F44F3FD504FCE5C74F93478D9D220E --renderer-client-id=81 --mojo-platform-channel-handle=4416 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1200,2025754297781690451,17888695047443584067,131072 --service-pipe-token=82017B732CE95F0FD73D746817D085A0 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=82017B732CE95F0FD73D746817D085A0 --renderer-client-id=82 --mojo-platform-channel-handle=6560 /prefetch:1

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1200,2025754297781690451,17888695047443584067,131072 --service-pipe-token=FF9C41B619FEC4A74CC40D9E32D8133F --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=FF9C41B619FEC4A74CC40D9E32D8133F --renderer-client-id=92 --mojo-platform-channel-handle=3384 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1200,2025754297781690451,17888695047443584067,131072 --service-pipe-token=A1A332345DCD461DDE39D2FBBFE2C7CF --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=A1A332345DCD461DDE39D2FBBFE2C7CF --renderer-client-id=95 --mojo-platform-channel-handle=6824 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1200,2025754297781690451,17888695047443584067,131072 --service-pipe-token=E6E2353F0940F73DFA6113C2E4D3B0F5 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=E6E2353F0940F73DFA6113C2E4D3B0F5 --renderer-client-id=97 --mojo-platform-channel-handle=6324 /prefetch:1
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"D:\RSITx64.exe"

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2018-01-25 2478864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - D:\Avast\aswWebRepIE64.dll [2018-07-17 938712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - D:\Avast\aswWebRepIE.dll [2018-07-17 812248]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=D:\Avast\AvLaunch.exe [2018-07-17 242904]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2018-07-09 9268672]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2018-08-04 13:20:48 ----D---- C:\rsit
2018-08-04 13:20:48 ----D---- C:\Program Files\trend micro
2018-07-31 17:29:41 ----D---- C:\Users\peta\AppData\Roaming\HelloGames
2018-07-17 15:22:59 ----A---- C:\Windows\system32\aswBoot.exe
2018-07-14 16:46:14 ----D---- C:\Program Files (x86)\Microsoft XNA
2018-07-11 15:37:30 ----A---- C:\Windows\system32\aitstatic.exe
2018-07-11 15:37:29 ----A---- C:\Windows\system32\invagent.dll
2018-07-11 15:37:29 ----A---- C:\Windows\system32\generaltel.dll
2018-07-11 15:37:29 ----A---- C:\Windows\system32\devinv.dll
2018-07-11 15:37:29 ----A---- C:\Windows\system32\CompatTelRunner.exe
2018-07-11 15:37:29 ----A---- C:\Windows\system32\centel.dll
2018-07-11 15:37:29 ----A---- C:\Windows\system32\appraiser.dll
2018-07-11 15:37:29 ----A---- C:\Windows\system32\aepic.dll
2018-07-11 15:37:29 ----A---- C:\Windows\system32\aeinv.dll
2018-07-11 15:37:29 ----A---- C:\Windows\system32\acmigration.dll
2018-07-11 15:37:10 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2018-07-11 15:37:10 ----A---- C:\Windows\system32\mshtml.dll
2018-07-11 15:37:09 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2018-07-11 15:37:09 ----A---- C:\Windows\system32\ieframe.dll
2018-07-11 15:37:08 ----A---- C:\Windows\SYSWOW64\zipfldr.dll
2018-07-11 15:37:08 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2018-07-11 15:37:08 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2018-07-11 15:37:08 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2018-07-11 15:37:08 ----A---- C:\Windows\SYSWOW64\shell32.dll
2018-07-11 15:37:08 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2018-07-11 15:37:08 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2018-07-11 15:37:08 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2018-07-11 15:37:08 ----A---- C:\Windows\system32\zipfldr.dll
2018-07-11 15:37:08 ----A---- C:\Windows\system32\wkssvc.dll
2018-07-11 15:37:08 ----A---- C:\Windows\system32\win32k.sys
2018-07-11 15:37:08 ----A---- C:\Windows\system32\vbscript.dll
2018-07-11 15:37:08 ----A---- C:\Windows\system32\urlmon.dll
2018-07-11 15:37:08 ----A---- C:\Windows\system32\ucrtbase.dll
2018-07-11 15:37:08 ----A---- C:\Windows\system32\shell32.dll
2018-07-11 15:37:08 ----A---- C:\Windows\system32\jscript9.dll
2018-07-11 15:37:08 ----A---- C:\Windows\system32\iertutil.dll
2018-07-11 15:37:08 ----A---- C:\Windows\system32\iedkcs32.dll
2018-07-11 15:37:08 ----A---- C:\Windows\system32\ExplorerFrame.dll
2018-07-11 15:37:08 ----A---- C:\Windows\system32\drivers\usbport.sys
2018-07-11 15:37:08 ----A---- C:\Windows\system32\drivers\tcpip.sys
2018-07-11 15:37:08 ----A---- C:\Windows\system32\drivers\dfsc.sys
2018-07-11 15:37:08 ----A---- C:\Windows\system32\dnsapi.dll
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\wininet.dll
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\ole32.dll
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\msrating.dll
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\dnscacheugc.exe
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\certcli.dll
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\wininet.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\webcheck.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\rstrui.exe
2018-07-11 15:37:07 ----A---- C:\Windows\system32\rpcrt4.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\ole32.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\ntoskrnl.exe
2018-07-11 15:37:07 ----A---- C:\Windows\system32\ntdll.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2018-07-11 15:37:07 ----A---- C:\Windows\system32\msrating.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\mshtmlmedia.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\msfeeds.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\lsasrv.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\inseng.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\ieui.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\iesetup.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\hal.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\dxtrans.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\dxtmsft.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\drivers\usbhub.sys
2018-07-11 15:37:07 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2018-07-11 15:37:07 ----A---- C:\Windows\system32\drivers\netio.sys
2018-07-11 15:37:07 ----A---- C:\Windows\system32\drivers\mpsdrv.sys
2018-07-11 15:37:07 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2018-07-11 15:37:07 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2018-07-11 15:37:07 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2018-07-11 15:37:07 ----A---- C:\Windows\system32\dnsrslvr.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\dnscacheugc.exe
2018-07-11 15:37:07 ----A---- C:\Windows\system32\conhost.exe
2018-07-11 15:37:07 ----A---- C:\Windows\system32\certcli.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\wow32.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\wfapigp.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\user.exe
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\srclient.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\schannel.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\setup16.exe
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\secur32.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\oleres.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\occache.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\jscript.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\instnm.exe
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\inseng.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\ieui.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\FirewallAPI.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\credssp.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\comcat.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\wow64win.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\wow64cpu.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\wow64.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\winsrv.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\wfapigp.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\wdigest.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\TSpkg.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\sspisrv.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\sspicli.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\srcore.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\srclient.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\smss.exe
2018-07-11 15:37:06 ----A---- C:\Windows\system32\schannel.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\setbcdlocale.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\secur32.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\rpchttp.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\rpcss.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\oleres.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\occache.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\ntvdm64.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\ncrypt.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\msv1_0.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\msobjs.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\mshtmled.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\MshtmlDac.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\msaudite.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\MPSSVC.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\lsass.exe
2018-07-11 15:37:06 ----A---- C:\Windows\system32\KernelBase.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\kernel32.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\kerberos.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\jsproxy.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\jscript9diag.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\jscript.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\ieUnatt.exe
2018-07-11 15:37:06 ----A---- C:\Windows\system32\iernonce.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\ieetwproxystub.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\ieetwcollector.exe
2018-07-11 15:37:06 ----A---- C:\Windows\system32\ieapfltr.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\ie4uinit.exe
2018-07-11 15:37:06 ----A---- C:\Windows\system32\icfupgd.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\FirewallAPI.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\drivers\videoprt.sys
2018-07-11 15:37:06 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2018-07-11 15:37:06 ----A---- C:\Windows\system32\drivers\usbohci.sys
2018-07-11 15:37:06 ----A---- C:\Windows\system32\drivers\usbehci.sys
2018-07-11 15:37:06 ----A---- C:\Windows\system32\drivers\usbd.sys
2018-07-11 15:37:06 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2018-07-11 15:37:06 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2018-07-11 15:37:06 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2018-07-11 15:37:06 ----A---- C:\Windows\system32\drivers\appid.sys
2018-07-11 15:37:06 ----A---- C:\Windows\system32\csrsrv.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\cryptbase.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\credssp.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\comcat.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\bcrypt.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\auditpol.exe
2018-07-11 15:37:06 ----A---- C:\Windows\system32\appidsvc.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2018-07-11 15:37:06 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2018-07-11 15:37:06 ----A---- C:\Windows\system32\appidapi.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\apisetschema.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\advapi32.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\adtschema.dll
2018-07-09 15:34:18 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys
2018-07-09 15:34:17 ----A---- C:\Windows\system32\SRSWOW64.dll
2018-07-09 15:34:17 ----A---- C:\Windows\system32\SRSTSX64.dll
2018-07-09 15:34:17 ----A---- C:\Windows\system32\SRSTSH64.dll
2018-07-09 15:34:17 ----A---- C:\Windows\system32\SRSHP64.dll
2018-07-09 15:34:17 ----A---- C:\Windows\system32\RtPgEx64.dll
2018-07-09 15:34:17 ----A---- C:\Windows\system32\RtlCPAPI64.dll
2018-07-09 15:34:17 ----A---- C:\Windows\system32\RtkCoLDR64.dll
2018-07-09 15:34:17 ----A---- C:\Windows\system32\RtkCfg64.dll
2018-07-09 15:34:16 ----A---- C:\Windows\system32\RtkApi64.dll
2018-07-09 15:34:16 ----A---- C:\Windows\system32\RTEEP64A.dll
2018-07-09 15:34:16 ----A---- C:\Windows\system32\RTEEL64A.dll
2018-07-09 15:34:16 ----A---- C:\Windows\system32\RTEEG64A.dll
2018-07-09 15:34:16 ----A---- C:\Windows\system32\RTEED64A.dll
2018-07-09 15:34:16 ----A---- C:\Windows\system32\RtDataProc64.dll
2018-07-09 15:34:16 ----A---- C:\Windows\system32\RTCOM64.dll
2018-07-09 15:34:16 ----A---- C:\Windows\system32\RP3DHT64.dll
2018-07-09 15:34:16 ----A---- C:\Windows\system32\RP3DAA64.dll
2018-07-09 15:34:16 ----A---- C:\Windows\system32\RltkAPO64.dll
2018-07-09 15:34:16 ----A---- C:\Windows\system32\RCoInstII64.dll
2018-07-09 15:34:15 ----A---- C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2018-07-09 15:34:11 ----A---- C:\Windows\system32\drivers\RTAIODAT.DAT
2018-07-09 15:25:36 ----A---- C:\Windows\system32\RtNicProp64.dll
2018-07-09 15:25:36 ----A---- C:\Windows\system32\drivers\Rt64win7.sys
2018-07-06 21:45:06 ----A---- C:\Users\peta\AppData\Roaming\~SiMPLEX.ini

======List of files/folders modified in the last 1 month======

2018-08-04 13:23:40 ----D---- C:\Windows\Temp
2018-08-04 13:20:48 ----RD---- C:\Program Files
2018-08-04 13:13:15 ----D---- C:\Windows\system32\config
2018-08-04 13:06:43 ----D---- C:\Windows\System32
2018-08-04 13:06:43 ----D---- C:\Windows\inf
2018-08-04 13:06:43 ----A---- C:\Windows\system32\PerfStringBackup.INI
2018-08-04 13:02:01 ----D---- C:\ProgramData\NVIDIA
2018-08-03 10:17:19 ----D---- C:\ProgramData\ProductData
2018-08-01 16:55:30 ----SHD---- C:\System Volume Information
2018-07-24 22:50:19 ----D---- C:\Users\peta\AppData\Roaming\vlc
2018-07-24 17:06:38 ----D---- C:\Windows\Microsoft.NET
2018-07-24 16:35:24 ----SHD---- C:\Windows\Installer
2018-07-24 16:35:21 ----D---- C:\Windows\SysWOW64
2018-07-24 16:35:21 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2018-07-23 16:23:05 ----D---- C:\Windows\system32\drivers
2018-07-21 13:49:14 ----D---- C:\Windows\system32\Tasks
2018-07-21 13:48:33 ----D---- C:\ProgramData\IObit
2018-07-21 13:48:32 ----D---- C:\Program Files (x86)\IObit
2018-07-18 15:50:02 ----RD---- C:\Program Files (x86)
2018-07-18 15:50:02 ----D---- C:\ProgramData\AVAST Software
2018-07-14 16:46:20 ----RSD---- C:\Windows\assembly
2018-07-14 12:28:06 ----D---- C:\Windows\rescache
2018-07-12 15:25:14 ----D---- C:\Windows\winsxs
2018-07-12 15:24:00 ----D---- C:\Windows\system32\appraiser
2018-07-12 15:23:59 ----D---- C:\Windows\SYSWOW64\en-US
2018-07-12 15:23:59 ----D---- C:\Windows\SYSWOW64\cs-CZ
2018-07-12 15:23:59 ----D---- C:\Windows\system32\en-US
2018-07-12 15:23:59 ----D---- C:\Windows\system32\drivers\cs-CZ
2018-07-12 15:23:59 ----D---- C:\Windows\system32\cs-CZ
2018-07-12 15:23:59 ----D---- C:\Program Files\Internet Explorer
2018-07-12 15:23:59 ----D---- C:\Program Files (x86)\Internet Explorer
2018-07-12 15:23:58 ----RSD---- C:\Windows\Fonts
2018-07-12 15:23:58 ----D---- C:\Windows\system32\DriverStore
2018-07-12 15:23:58 ----D---- C:\Windows\system32\Boot
2018-07-12 15:23:58 ----D---- C:\Windows\AppPatch
2018-07-11 23:09:38 ----D---- C:\Windows\system32\catroot2
2018-07-11 23:06:31 ----D---- C:\Windows\system32\MRT
2018-07-11 23:05:35 ----AC---- C:\Windows\system32\MRT.exe
2018-07-10 15:27:04 ----D---- C:\Windows
2018-07-09 22:53:22 ----D---- C:\Windows\system32\catroot
2018-07-09 15:34:27 ----D---- C:\Windows\SYSWOW64\RTCOM
2018-07-09 15:25:36 ----A---- C:\Windows\system32\RTNUninst64.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [2018-07-17 201328]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswbloga.sys [2018-07-17 346664]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [2018-07-17 59592]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2018-07-17 85968]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2018-07-17 381584]
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2018-03-07 1469952]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2018-03-07 40448]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2018-01-01 213736]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2018-07-17 197160]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [2018-07-17 229392]
R1 aswHdsKe;aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [2018-07-17 239680]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2018-07-17 111872]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2018-07-17 1027728]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2018-07-23 467064]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2017-10-18 27552]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2018-07-17 159640]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2018-07-17 211160]
R2 NPF;Sadp Driver (NPF); \??\C:\Windows\SysWOW64\Drivers\npf64.sys [2017-04-21 36600]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2017-12-10 30264]
R3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2017-12-10 47672]
R3 GeneStor;Genesys Logic Storage Driver; C:\Windows\system32\DRIVERS\GeneStor.sys [2017-11-09 215608]
R3 hidkmdf;Filter Driver Service for HID-KMDF Interface layer; C:\Windows\system32\DRIVERS\hidkmdf.sys [2017-06-29 26376]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2018-07-09 6173640]
R3 ISCT;Intel(R) Smart Connect Technology Device Driver; C:\Windows\system32\DRIVERS\ISCTD.sys [2017-10-18 44744]
R3 IUFileFilter;IUFileFilter; \??\C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IUFileFilter.sys [2017-06-06 21928]
R3 IURegProcessFilter;IURegProcessFilter; \??\C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IURegProcessFilter.sys [2018-01-11 22416]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2018-07-02 816640]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2018-05-13 201296]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2018-06-01 227928]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2018-03-15 67432]
R3 nvvhci;NVVHCI Enumerator Service; C:\Windows\system32\DRIVERS\nvvhci.sys [2018-04-28 68112]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2018-07-09 1059776]
R3 sshid;SteelSeries HID Service; C:\Windows\system32\DRIVERS\sshid.sys [2017-06-29 45928]
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys [2018-07-17 46976]
S3 cpuz143;cpuz143; \??\C:\Windows\temp\cpuz143\cpuz143_x64.sys []
S3 ETDSMBus;ETDSMBus; C:\Windows\system32\DRIVERS\ETDSMBus.sys [2017-10-18 32840]
S3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2017-10-18 480800]
S3 MBfilt;MBfilt; C:\Windows\system32\drivers\MBfilt64.sys [2017-10-18 41088]
S3 MSICDSetup;MSICDSetup; \??\E:\CDriver64.sys []
S3 NTIOLib_1_0_C;NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys []
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2018-06-01 30656]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys [2009-08-13 73984]
S4 IMFMBRProtect;IMFMBRProtect; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\IMFMBRProtect.sys []
S4 IMFSafeBox;IMFSafeBox; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\IMFSafeBox.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;Avast Antivirus; D:\Avast\AvastSvc.exe [2018-07-17 322464]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-06-01 764352]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2018-06-01 764544]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2018-06-01 629696]
R3 aswbIDSAgent;aswbIDSAgent; D:\Avast\x64\aswidsagenta.exe [2018-07-17 7780400]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2018-03-26 107592]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2018-03-26 128584]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-10-08 153168]
S2 IObitUnSvr;IObit Uninstaller Service; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [2018-01-25 206096]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2018-03-26 52832]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; D:\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2016-06-22 1467072]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-10-08 153168]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2018-06-16 116224]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-06-01 764352]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2017-10-08 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

# -------------------------------
# Malwarebytes AdwCleaner 7.2.2.0
# -------------------------------
# Build: 07-17-2018
# Database: 2018-07-25.1
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 08-04-2018
# Duration: 00:00:00
# OS: Windows 7 Home Premium
# Cleaned: 0
# Failed: 0

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1249 octets] - [04/08/2018 17:42:11]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Toto je OK. Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:

:commands
[Purity]
[Emptytemp]
[Emptyflash]

a klikněte na >MoveIt!<. Před skenem vypněte antivir a po něm restartujte PC. Dejte nový log RSIT. Potom ještě spusťte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.

Logfile of random's system information tool 1.10 (written by random/random)
Run by peta at 2018-08-04 21:57:14
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 67 GB (59%) free of 114 GB
Total RAM: 8144 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:57:16, on 4.8.2018
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19081)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Windows\SysWOW64\UMonit64.exe
D:\Avast\AvastUI.exe
C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
D:\Anti-Malware\mbamtray.exe
C:\Program Files\trend micro\peta.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Avast\aswWebRepIE.dll
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - D:\Avast\x64\aswidsagenta.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - D:\Avast\AvastSvc.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - D:\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IObit Uninstaller Service (IObitUnSvr) - IObit - C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - D:\Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 6365 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
C:\Windows\system32\svchost.exe -k NetworkService
"D:\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
"C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
\??\C:\Windows\system32\conhost.exe "389899919-13667781431442543204-570086786-188336553413133728601790782745-536155249
taskeng.exe {D8A93A88-B36B-489B-981B-46BA2D3F5E08}
C:\Windows\SysWOW64\UMonit64.exe
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
AvastUI.exe /nogui
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\peta\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\peta\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\peta\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=67.0.3396.99 --initial-client-data=0x88,0x8c,0x90,0x84,0x94,0x7feef1e3228,0x7feef1e3238,0x7feef1e3248
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=4256 --on-initialized-event-handle=348 --parent-handle=352 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1192,9341269005152502975,7740152803141123000,131072 --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --service-request-channel-token=DCB7EB546C697CE73F5FE541B1CDF6C1 --mojo-platform-channel-handle=1208 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1192,9341269005152502975,7740152803141123000,131072 --service-pipe-token=869CBD1F177D57EAAF6F8ADB1F6F164C --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=869CBD1F177D57EAAF6F8ADB1F6F164C --renderer-client-id=3 --mojo-platform-channel-handle=2528 /prefetch:1
"D:\Avast\x64\aswidsagenta.exe"
"D:\Anti-Malware\mbamservice.exe"
"D:\Anti-Malware\mbamtray.exe"
"taskhost.exe"

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1192,9341269005152502975,7740152803141123000,131072 --service-pipe-token=A098342E7881A8E0D92FB54439E13765 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=A098342E7881A8E0D92FB54439E13765 --renderer-client-id=19 --mojo-platform-channel-handle=4712 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1192,9341269005152502975,7740152803141123000,131072 --service-pipe-token=68D977F0AEB99301A3302FF07786169D --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=68D977F0AEB99301A3302FF07786169D --renderer-client-id=30 --mojo-platform-channel-handle=6096 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1192,9341269005152502975,7740152803141123000,131072 --service-pipe-token=8531BC0A357EE5B9E02D90F84E544229 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=8531BC0A357EE5B9E02D90F84E544229 --renderer-client-id=32 --mojo-platform-channel-handle=2916 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1192,9341269005152502975,7740152803141123000,131072 --service-pipe-token=98188A7EF4C9FBA4947BD7DD4AE13BDA --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=98188A7EF4C9FBA4947BD7DD4AE13BDA --renderer-client-id=37 --mojo-platform-channel-handle=6004 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1192,9341269005152502975,7740152803141123000,131072 --service-pipe-token=A197C80C05315C0687866E89ED6EEA8C --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=A197C80C05315C0687866E89ED6EEA8C --renderer-client-id=38 --mojo-platform-channel-handle=4468 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1192,9341269005152502975,7740152803141123000,131072 --service-pipe-token=36112BEDD45A70657633C1DC566BF5D3 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=36112BEDD45A70657633C1DC566BF5D3 --renderer-client-id=39 --mojo-platform-channel-handle=6600 /prefetch:1
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1192,9341269005152502975,7740152803141123000,131072 --service-pipe-token=A20AFBDFF56E69F3CF15EC77572A39B9 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=A20AFBDFF56E69F3CF15EC77572A39B9 --renderer-client-id=40 --mojo-platform-channel-handle=3464 /prefetch:1
"C:\Users\peta\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2018-01-25 2478864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - D:\Avast\aswWebRepIE64.dll [2018-07-17 938712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - D:\Avast\aswWebRepIE.dll [2018-07-17 812248]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=D:\Avast\AvLaunch.exe [2018-07-17 242904]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2018-07-09 9268672]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2018-08-04 20:47:34 ----A---- C:\Windows\system32\drivers\mbam.sys
2018-08-04 20:47:32 ----A---- C:\Windows\system32\drivers\mwac.sys
2018-08-04 20:47:32 ----A---- C:\Windows\system32\drivers\farflt.sys
2018-08-04 20:47:31 ----A---- C:\Windows\system32\drivers\MbamChameleon.sys
2018-08-04 20:47:24 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2018-08-04 20:47:18 ----A---- C:\Windows\system32\drivers\mbae64.sys
2018-08-04 20:47:15 ----D---- C:\ProgramData\Malwarebytes
2018-08-04 20:41:54 ----D---- C:\_OTM
2018-08-04 17:41:41 ----D---- C:\AdwCleaner
2018-08-04 13:20:48 ----D---- C:\rsit
2018-08-04 13:20:48 ----D---- C:\Program Files\trend micro
2018-07-31 17:29:41 ----D---- C:\Users\peta\AppData\Roaming\HelloGames
2018-07-17 15:22:59 ----A---- C:\Windows\system32\aswBoot.exe
2018-07-14 16:46:14 ----D---- C:\Program Files (x86)\Microsoft XNA
2018-07-11 15:37:30 ----A---- C:\Windows\system32\aitstatic.exe
2018-07-11 15:37:29 ----A---- C:\Windows\system32\invagent.dll
2018-07-11 15:37:29 ----A---- C:\Windows\system32\generaltel.dll
2018-07-11 15:37:29 ----A---- C:\Windows\system32\devinv.dll
2018-07-11 15:37:29 ----A---- C:\Windows\system32\CompatTelRunner.exe
2018-07-11 15:37:29 ----A---- C:\Windows\system32\centel.dll
2018-07-11 15:37:29 ----A---- C:\Windows\system32\appraiser.dll
2018-07-11 15:37:29 ----A---- C:\Windows\system32\aepic.dll
2018-07-11 15:37:29 ----A---- C:\Windows\system32\aeinv.dll
2018-07-11 15:37:29 ----A---- C:\Windows\system32\acmigration.dll
2018-07-11 15:37:10 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2018-07-11 15:37:10 ----A---- C:\Windows\system32\mshtml.dll
2018-07-11 15:37:09 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2018-07-11 15:37:09 ----A---- C:\Windows\system32\ieframe.dll
2018-07-11 15:37:08 ----A---- C:\Windows\SYSWOW64\zipfldr.dll
2018-07-11 15:37:08 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2018-07-11 15:37:08 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2018-07-11 15:37:08 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2018-07-11 15:37:08 ----A---- C:\Windows\SYSWOW64\shell32.dll
2018-07-11 15:37:08 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2018-07-11 15:37:08 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2018-07-11 15:37:08 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2018-07-11 15:37:08 ----A---- C:\Windows\system32\zipfldr.dll
2018-07-11 15:37:08 ----A---- C:\Windows\system32\wkssvc.dll
2018-07-11 15:37:08 ----A---- C:\Windows\system32\win32k.sys
2018-07-11 15:37:08 ----A---- C:\Windows\system32\vbscript.dll
2018-07-11 15:37:08 ----A---- C:\Windows\system32\urlmon.dll
2018-07-11 15:37:08 ----A---- C:\Windows\system32\ucrtbase.dll
2018-07-11 15:37:08 ----A---- C:\Windows\system32\shell32.dll
2018-07-11 15:37:08 ----A---- C:\Windows\system32\jscript9.dll
2018-07-11 15:37:08 ----A---- C:\Windows\system32\iertutil.dll
2018-07-11 15:37:08 ----A---- C:\Windows\system32\iedkcs32.dll
2018-07-11 15:37:08 ----A---- C:\Windows\system32\ExplorerFrame.dll
2018-07-11 15:37:08 ----A---- C:\Windows\system32\drivers\usbport.sys
2018-07-11 15:37:08 ----A---- C:\Windows\system32\drivers\tcpip.sys
2018-07-11 15:37:08 ----A---- C:\Windows\system32\drivers\dfsc.sys
2018-07-11 15:37:08 ----A---- C:\Windows\system32\dnsapi.dll
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\wininet.dll
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\ole32.dll
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\msrating.dll
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\dnscacheugc.exe
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\certcli.dll
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\wininet.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\webcheck.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\rstrui.exe
2018-07-11 15:37:07 ----A---- C:\Windows\system32\rpcrt4.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\ole32.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\ntoskrnl.exe
2018-07-11 15:37:07 ----A---- C:\Windows\system32\ntdll.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2018-07-11 15:37:07 ----A---- C:\Windows\system32\msrating.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\mshtmlmedia.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\msfeeds.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\lsasrv.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\inseng.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\ieui.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\iesetup.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\hal.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\dxtrans.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\dxtmsft.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\drivers\usbhub.sys
2018-07-11 15:37:07 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2018-07-11 15:37:07 ----A---- C:\Windows\system32\drivers\netio.sys
2018-07-11 15:37:07 ----A---- C:\Windows\system32\drivers\mpsdrv.sys
2018-07-11 15:37:07 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2018-07-11 15:37:07 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2018-07-11 15:37:07 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2018-07-11 15:37:07 ----A---- C:\Windows\system32\dnsrslvr.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\dnscacheugc.exe
2018-07-11 15:37:07 ----A---- C:\Windows\system32\conhost.exe
2018-07-11 15:37:07 ----A---- C:\Windows\system32\certcli.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2018-07-11 15:37:07 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-07-11 15:37:06 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\wow32.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\wfapigp.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\user.exe
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\srclient.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\schannel.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\setup16.exe
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\secur32.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\oleres.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\occache.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\jscript.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\instnm.exe
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\inseng.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\ieui.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\FirewallAPI.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\credssp.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\comcat.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2018-07-11 15:37:06 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\wow64win.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\wow64cpu.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\wow64.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\winsrv.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\wfapigp.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\wdigest.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\TSpkg.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\sspisrv.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\sspicli.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\srcore.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\srclient.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\smss.exe
2018-07-11 15:37:06 ----A---- C:\Windows\system32\schannel.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\setbcdlocale.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\secur32.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\rpchttp.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\rpcss.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\oleres.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\occache.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\ntvdm64.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\ncrypt.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\msv1_0.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\msobjs.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\mshtmled.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\MshtmlDac.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\msaudite.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\MPSSVC.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\lsass.exe
2018-07-11 15:37:06 ----A---- C:\Windows\system32\KernelBase.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\kernel32.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\kerberos.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\jsproxy.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\jscript9diag.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\jscript.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\ieUnatt.exe
2018-07-11 15:37:06 ----A---- C:\Windows\system32\iernonce.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\ieetwproxystub.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\ieetwcollector.exe
2018-07-11 15:37:06 ----A---- C:\Windows\system32\ieapfltr.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\ie4uinit.exe
2018-07-11 15:37:06 ----A---- C:\Windows\system32\icfupgd.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\FirewallAPI.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\drivers\videoprt.sys
2018-07-11 15:37:06 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2018-07-11 15:37:06 ----A---- C:\Windows\system32\drivers\usbohci.sys
2018-07-11 15:37:06 ----A---- C:\Windows\system32\drivers\usbehci.sys
2018-07-11 15:37:06 ----A---- C:\Windows\system32\drivers\usbd.sys
2018-07-11 15:37:06 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2018-07-11 15:37:06 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2018-07-11 15:37:06 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2018-07-11 15:37:06 ----A---- C:\Windows\system32\drivers\appid.sys
2018-07-11 15:37:06 ----A---- C:\Windows\system32\csrsrv.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\cryptbase.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\credssp.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\comcat.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\bcrypt.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\auditpol.exe
2018-07-11 15:37:06 ----A---- C:\Windows\system32\appidsvc.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2018-07-11 15:37:06 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2018-07-11 15:37:06 ----A---- C:\Windows\system32\appidapi.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\apisetschema.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\advapi32.dll
2018-07-11 15:37:06 ----A---- C:\Windows\system32\adtschema.dll
2018-07-09 15:34:18 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys
2018-07-09 15:34:17 ----A---- C:\Windows\system32\SRSWOW64.dll
2018-07-09 15:34:17 ----A---- C:\Windows\system32\SRSTSX64.dll
2018-07-09 15:34:17 ----A---- C:\Windows\system32\SRSTSH64.dll
2018-07-09 15:34:17 ----A---- C:\Windows\system32\SRSHP64.dll
2018-07-09 15:34:17 ----A---- C:\Windows\system32\RtPgEx64.dll
2018-07-09 15:34:17 ----A---- C:\Windows\system32\RtlCPAPI64.dll
2018-07-09 15:34:17 ----A---- C:\Windows\system32\RtkCoLDR64.dll
2018-07-09 15:34:17 ----A---- C:\Windows\system32\RtkCfg64.dll
2018-07-09 15:34:16 ----A---- C:\Windows\system32\RtkApi64.dll
2018-07-09 15:34:16 ----A---- C:\Windows\system32\RTEEP64A.dll
2018-07-09 15:34:16 ----A---- C:\Windows\system32\RTEEL64A.dll
2018-07-09 15:34:16 ----A---- C:\Windows\system32\RTEEG64A.dll
2018-07-09 15:34:16 ----A---- C:\Windows\system32\RTEED64A.dll
2018-07-09 15:34:16 ----A---- C:\Windows\system32\RtDataProc64.dll
2018-07-09 15:34:16 ----A---- C:\Windows\system32\RTCOM64.dll
2018-07-09 15:34:16 ----A---- C:\Windows\system32\RP3DHT64.dll
2018-07-09 15:34:16 ----A---- C:\Windows\system32\RP3DAA64.dll
2018-07-09 15:34:16 ----A---- C:\Windows\system32\RltkAPO64.dll
2018-07-09 15:34:16 ----A---- C:\Windows\system32\RCoInstII64.dll
2018-07-09 15:34:15 ----A---- C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2018-07-09 15:34:11 ----A---- C:\Windows\system32\drivers\RTAIODAT.DAT
2018-07-09 15:25:36 ----A---- C:\Windows\system32\RtNicProp64.dll
2018-07-09 15:25:36 ----A---- C:\Windows\system32\drivers\Rt64win7.sys
2018-07-06 21:45:06 ----A---- C:\Users\peta\AppData\Roaming\~SiMPLEX.ini

======List of files/folders modified in the last 1 month======

2018-08-04 21:56:30 ----D---- C:\Windows\Temp
2018-08-04 21:03:36 ----D---- C:\Windows\system32\drivers
2018-08-04 20:50:12 ----D---- C:\Windows\System32
2018-08-04 20:50:12 ----D---- C:\Windows\inf
2018-08-04 20:50:12 ----A---- C:\Windows\system32\PerfStringBackup.INI
2018-08-04 20:47:20 ----D---- C:\Windows
2018-08-04 20:47:15 ----HD---- C:\ProgramData
2018-08-04 20:45:18 ----D---- C:\ProgramData\NVIDIA
2018-08-04 17:59:52 ----D---- C:\Windows\system32\config
2018-08-04 17:45:28 ----D---- C:\Windows\system32\Tasks
2018-08-04 13:20:48 ----RD---- C:\Program Files
2018-08-03 10:17:19 ----D---- C:\ProgramData\ProductData
2018-08-01 16:55:30 ----SHD---- C:\System Volume Information
2018-07-24 22:50:19 ----D---- C:\Users\peta\AppData\Roaming\vlc
2018-07-24 17:06:38 ----D---- C:\Windows\Microsoft.NET
2018-07-24 16:35:24 ----SHD---- C:\Windows\Installer
2018-07-24 16:35:21 ----D---- C:\Windows\SysWOW64
2018-07-24 16:35:21 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2018-07-21 13:48:33 ----D---- C:\ProgramData\IObit
2018-07-21 13:48:32 ----D---- C:\Program Files (x86)\IObit
2018-07-18 15:50:02 ----RD---- C:\Program Files (x86)
2018-07-18 15:50:02 ----D---- C:\ProgramData\AVAST Software
2018-07-14 16:46:20 ----RSD---- C:\Windows\assembly
2018-07-14 12:28:06 ----D---- C:\Windows\rescache
2018-07-12 15:25:14 ----D---- C:\Windows\winsxs
2018-07-12 15:24:00 ----D---- C:\Windows\system32\appraiser
2018-07-12 15:23:59 ----D---- C:\Windows\SYSWOW64\en-US
2018-07-12 15:23:59 ----D---- C:\Windows\SYSWOW64\cs-CZ
2018-07-12 15:23:59 ----D---- C:\Windows\system32\en-US
2018-07-12 15:23:59 ----D---- C:\Windows\system32\drivers\cs-CZ
2018-07-12 15:23:59 ----D---- C:\Windows\system32\cs-CZ
2018-07-12 15:23:59 ----D---- C:\Program Files\Internet Explorer
2018-07-12 15:23:59 ----D---- C:\Program Files (x86)\Internet Explorer
2018-07-12 15:23:58 ----RSD---- C:\Windows\Fonts
2018-07-12 15:23:58 ----D---- C:\Windows\system32\DriverStore
2018-07-12 15:23:58 ----D---- C:\Windows\system32\Boot
2018-07-12 15:23:58 ----D---- C:\Windows\AppPatch
2018-07-11 23:09:38 ----D---- C:\Windows\system32\catroot2
2018-07-11 23:06:31 ----D---- C:\Windows\system32\MRT
2018-07-11 23:05:35 ----AC---- C:\Windows\system32\MRT.exe
2018-07-09 22:53:22 ----D---- C:\Windows\system32\catroot
2018-07-09 15:34:27 ----D---- C:\Windows\SYSWOW64\RTCOM
2018-07-09 15:25:36 ----A---- C:\Windows\system32\RTNUninst64.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [2018-07-17 201328]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswbloga.sys [2018-07-17 346664]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [2018-07-17 59592]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2018-07-17 85968]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2018-07-17 381584]
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2018-03-07 1469952]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2018-03-07 40448]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2018-01-01 213736]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2018-07-17 197160]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [2018-07-17 229392]
R1 aswHdsKe;aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [2018-07-17 239680]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2018-07-17 111872]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2018-07-17 1027728]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2018-07-23 467064]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\Windows\system32\drivers\mbae64.sys [2018-06-19 152688]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2017-10-18 27552]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2018-07-17 159640]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2018-07-17 211160]
R2 MBAMChameleon;MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [2018-08-04 191208]
R2 NPF;Sadp Driver (NPF); \??\C:\Windows\SysWOW64\Drivers\npf64.sys [2017-04-21 36600]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2017-12-10 30264]
R3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2017-12-10 47672]
R3 GeneStor;Genesys Logic Storage Driver; C:\Windows\system32\DRIVERS\GeneStor.sys [2017-11-09 215608]
R3 hidkmdf;Filter Driver Service for HID-KMDF Interface layer; C:\Windows\system32\DRIVERS\hidkmdf.sys [2017-06-29 26376]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2018-07-09 6173640]
R3 ISCT;Intel(R) Smart Connect Technology Device Driver; C:\Windows\system32\DRIVERS\ISCTD.sys [2017-10-18 44744]
R3 IUFileFilter;IUFileFilter; \??\C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IUFileFilter.sys [2017-06-06 21928]
R3 IURegProcessFilter;IURegProcessFilter; \??\C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IURegProcessFilter.sys [2018-01-11 22416]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2018-07-02 816640]
R3 MBAMFarflt;MBAMFarflt; C:\Windows\system32\DRIVERS\farflt.sys [2018-08-04 114920]
R3 MBAMProtection;MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [2018-08-04 48360]
R3 MBAMSwissArmy;MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [2018-08-04 253664]
R3 MBAMWebProtection;MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [2018-08-04 92792]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2018-05-13 201296]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2018-06-01 227928]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2018-03-15 67432]
R3 nvvhci;NVVHCI Enumerator Service; C:\Windows\system32\DRIVERS\nvvhci.sys [2018-04-28 68112]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2018-07-09 1059776]
R3 sshid;SteelSeries HID Service; C:\Windows\system32\DRIVERS\sshid.sys [2017-06-29 45928]
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys [2018-07-17 46976]
S3 cpuz143;cpuz143; \??\C:\Windows\temp\cpuz143\cpuz143_x64.sys []
S3 ETDSMBus;ETDSMBus; C:\Windows\system32\DRIVERS\ETDSMBus.sys [2017-10-18 32840]
S3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2017-10-18 480800]
S3 MBfilt;MBfilt; C:\Windows\system32\drivers\MBfilt64.sys [2017-10-18 41088]
S3 MSICDSetup;MSICDSetup; \??\E:\CDriver64.sys []
S3 NTIOLib_1_0_C;NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys []
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2018-06-01 30656]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys [2009-08-13 73984]
S4 IMFMBRProtect;IMFMBRProtect; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\IMFMBRProtect.sys []
S4 IMFSafeBox;IMFSafeBox; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\IMFSafeBox.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;Avast Antivirus; D:\Avast\AvastSvc.exe [2018-07-17 322464]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 MBAMService;Malwarebytes Service; D:\Anti-Malware\mbamservice.exe [2018-05-09 6541008]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-06-01 764352]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2018-06-01 764544]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2018-06-01 629696]
R3 aswbIDSAgent;aswbIDSAgent; D:\Avast\x64\aswidsagenta.exe [2018-07-17 7780400]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2018-03-26 107592]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2018-03-26 128584]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-10-08 153168]
S2 IObitUnSvr;IObit Uninstaller Service; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [2018-01-25 206096]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2018-03-26 52832]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; D:\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2016-06-22 1467072]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-10-08 153168]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2018-06-16 116224]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-06-01 764352]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2017-10-08 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]

-----------------EOF-----------------

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 04.08.18
Čas skenování: 20:51
Logovací soubor: 5c8033f7-9817-11e8-b4b3-d8cb8a3b9613.json
Správce: Ano

-Informace o softwaru-
Verze: 3.5.1.2522
Verze komponentů: 1.0.0
Aktualizovat verzi balíku komponent: 1.0.6199
Licence: Zkušební

-Systémová informace-
OS: Windows 7 Service Pack 1
CPU: x64
Systém souborů: NTFS
Uživatel: peta-PC\peta

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Spuštění skenování: Ruční
Výsledek: Dokončeno
Skenované objekty: 223179
Zjištěné hrozby: 2
Hrozby umístěné do karantény: 0
(Nebyly zjištěny žádné škodlivé položky)
Uplynulý čas: 0 min, 34 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 2
Trojan.Agent.WU, C:\USERS\PETA\APPDATA\ROAMING\SMSVCHOST.EXE, Žádná uživatelská akce, [4270], [231208],1.0.6199
RiskWare.BitCoinMiner, C:\USERS\PETA\APPDATA\ROAMING\nssm.exe, Žádná uživatelská akce, [929], [434083],1.0.6199

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)

WMI: 0
(Nebyly zjištěny žádné škodlivé položky)

(end)

Log OK, položky, které nalezl MBAM smažte.

Ok smazáno.

Nastala nějaká změna?

Dobrý den
Zatím vše ok.Nic dalšího nevidím.Vyřešeno
Děkuji za pomoc

Rádo se stalo!

VIRY.CZ

vir

vir

Re: vir

Re: vir

Re: vir

Re: vir

Re: vir

Re: vir

Re: vir

Re: vir

Re: vir