CPU load at 60 - 100%

Posted: 22 Aug 2018 14:16
by milanstransky77
Hello,
my laptop has slowed down and the CPU is terribly loaded (permanently at 60%, but when I start working and open the internet, it jumps up to 100%). I scanned the laptop after booting from a USB flash drive with ESET SysRescue, which found something and removed it. That did not solve the problem, though.
It was: exploit.agent.REN trojan
exploit.agent.RDR trojan
exploit.agent.REB trojan
exploit.agent.REJ trojan

Please help.
I am sending the logs from RSIT and FRST.


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19.08.2018 02
Ran by Hela (administrator) on HELA-PC (22-08-2018 12:43:24)
Running from C:\Users\Hela\Desktop\_util
Loaded Profiles: Hela (Available Profiles: Hela)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\stacsv64.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Dell Inc.) C:\Program Files\Dell\Dell Wireless WLAN Card\BCMWLTRY.EXE
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(PostgreSQL Global Development Group) C:\CGMSERVER\bin\pgsql\bin\pg_ctl.exe
(CGM) C:\CGMSERVER\bin\core\cgm.servercore.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(PostgreSQL Global Development Group) C:\CGMSERVER\bin\pgsql\bin\postgres.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(PostgreSQL Global Development Group) C:\CGMSERVER\bin\pgsql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\CGMSERVER\bin\pgsql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\CGMSERVER\bin\pgsql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\CGMSERVER\bin\pgsql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\CGMSERVER\bin\pgsql\bin\postgres.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
() C:\AMICUS\server\cgm.amisrv.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Microsoft Corporation) C:\Windows\System32\Magnify.exe
(Oracle Corporation) C:\CGMSERVER\jre\bin\java.exe
(PostgreSQL Global Development Group) C:\CGMSERVER\bin\pgsql\bin\postgres.exe
(Microsoft) C:\CGMSERVER\bin\ebooking-1\cgm.ebooking-1.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\x64\aswidsagenta.exe
(CompuGroup Medical Česká republika s.r.o.) C:\CGMSERVER\bin\ecommunication-1\cgm.ecommunication-1.exe
(CompuGroup Medical Česká republika s.r.o.) C:\CGMSERVER\bin\etrzby-1\cgm.etrzby-1.exe
(PostgreSQL Global Development Group) C:\CGMSERVER\bin\pgsql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\CGMSERVER\bin\pgsql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\CGMSERVER\bin\pgsql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\CGMSERVER\bin\pgsql\bin\postgres.exe
(HCS GmbH) C:\CGMSERVER\bin\medical-net\MedConnect.ServiceManager\HCS.MedConnect.ServiceManager.exe
(PostgreSQL Global Development Group) C:\CGMSERVER\bin\pgsql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\CGMSERVER\bin\pgsql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\CGMSERVER\bin\pgsql\bin\postgres.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvLaunch.exe [242904 2018-08-02] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-07-07] (Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-805495145-1528663485-3273650491-1000\...\MountPoints2: F - F:\SISetup.exe
HKU\S-1-5-21-805495145-1528663485-3273650491-1000\...\MountPoints2: {b47727f0-bd85-11df-94d7-0025647f2cb2} - F:\AutoRun.exe
HKU\S-1-5-21-805495145-1528663485-3273650491-1000\...\MountPoints2: {ce03bd47-09cd-11e0-8b92-0025647f2cb2} - G:\SISetup.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.254
Tcpip\..\Interfaces\{27BE130C-D1BB-4C85-8E2F-1E1694A2B358}: [DhcpNameServer] 192.168.2.254
Tcpip\..\Interfaces\{AC03F184-A9DD-4D2E-88CA-FF0408DB8D94}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/?clid=22668
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-805495145-1528663485-3273650491-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKU\S-1-5-21-805495145-1528663485-3273650491-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/?clid=22668
URLSearchHook: HKU\S-1-5-21-805495145-1528663485-3273650491-1000 - (No Name) - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - No File
URLSearchHook: HKU\S-1-5-21-805495145-1528663485-3273650491-1000 - (No Name) - {26842a09-ffa8-4e2c-ae12-0c80f01c3295} - C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39SrcAs.dll (MindSpark)
SearchScopes: HKLM -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKLM -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKLM-x32 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM-x32 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKLM-x32 -> {b0441a0e-a49a-4e16-afc1-74ecced1921f} URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^UX^xdm007^YYA^cz&si=CN3Kn_jtm7oCFY5a3godQCcApw&ptb=55B38D8A-BF78-4554-BE13-49AF3D7D45F9&ind=2013101613&n=77fd7e2d&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKU\S-1-5-21-805495145-1528663485-3273650491-1000 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-805495145-1528663485-3273650491-1000 -> {08114685-3B2D-4E7D-8635-FD8B6A7D958C} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=OSJ000&apn_uid=D7DCF4F1-FDEE-4566-A6CD-C62A46662F57&apn_sauid=2D78C107-B5B4-4A67-BFCB-CB3CE4B785CB&
SearchScopes: HKU\S-1-5-21-805495145-1528663485-3273650491-1000 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-805495145-1528663485-3273650491-1000 -> {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} URL = hxxp://www.crawler.com/search/dispatcher.aspx? ... tbid=60040
SearchScopes: HKU\S-1-5-21-805495145-1528663485-3273650491-1000 -> {b0441a0e-a49a-4e16-afc1-74ecced1921f} URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^UX^xdm007^YYA^cz&si=CN3Kn_jtm7oCFY5a3godQCcApw&ptb=55B38D8A-BF78-4554-BE13-49AF3D7D45F9&ind=2013101613&n=77fd7e2d&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKU\S-1-5-21-805495145-1528663485-3273650491-1000 -> {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = hxxp://toolbar.inbox.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=80096&lng=cs
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2018-08-02] (AVAST Software)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-28] (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll => No File
BHO-x32: No Name -> {11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5} -> C:\Program Files (x86)\SiteRanker\SiteRank.dll [2011-05-31] (Crawler, LLC)
BHO-x32: No Name -> {71c1d63a-c944-428a-a5bd-ba513190e5d2} -> No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\ssv.dll [2018-08-02] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2018-08-02] (AVAST Software)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-28] (Google Inc.)
BHO-x32: No Name -> {D3D233D5-9F6D-436C-B6C7-E63F77503B30} -> No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-08-02] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-28] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-28] (Google Inc.)
Toolbar: HKU\S-1-5-21-805495145-1528663485-3273650491-1000 -> No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
Toolbar: HKU\S-1-5-21-805495145-1528663485-3273650491-1000 -> No Name - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No File
Toolbar: HKU\S-1-5-21-805495145-1528663485-3273650491-1000 -> No Name - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No File
Toolbar: HKU\S-1-5-21-805495145-1528663485-3273650491-1000 -> No Name - {364EA597-E728-4CE4-BB4A-ED846EF47970} - No File
Toolbar: HKU\S-1-5-21-805495145-1528663485-3273650491-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-28] (Google Inc.)
DPF: HKLM {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\PROGRA~2\INBOXT~1\Inbox.dll No File

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-08-02] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-08-02] (Oracle Corporation)
FF Plugin-x32: @MapsGalaxy_39.com/Plugin -> C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\NP39Stub.dll [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Hela\AppData\Local\Google\Chrome\User Data\Default [2018-08-21]
CHR Extension: (Avast SafePrice) - C:\Users\Hela\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-08-16]
CHR Extension: (Avast Online Security) - C:\Users\Hela\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-05-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Hela\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-18]
CHR Extension: (Chrome Media Router) - C:\Users\Hela\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-16]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R3 aswbIDSAgent; C:\Program Files\Alwil Software\Avast5\x64\aswidsagenta.exe [7780400 2018-08-02] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [322464 2018-08-02] (AVAST Software)
R2 CGM.AMISRV; C:\AMICUS\server\cgm.amisrv.exe [26720 2017-06-09] () [File not signed]
R2 cgm.ebooking-1; C:\CGMSERVER\bin\ebooking-1\cgm.ebooking-1.exe [36704 2018-03-21] (Microsoft)
R2 cgm.ecommunication-1; C:\CGMSERVER\bin\ecommunication-1\cgm.ecommunication-1.exe [88328 2018-01-16] (CompuGroup Medical Česká republika s.r.o.)
R2 cgm.etrzby-1; C:\CGMSERVER\bin\etrzby-1\cgm.etrzby-1.exe [22112 2017-07-26] (CompuGroup Medical Česká republika s.r.o.) [File not signed]
R2 cgm.servercore; C:\CGMSERVER\bin\core\cgm.servercore.exe [51200 2016-12-15] (CGM) [File not signed]
S3 HCS.MedConnect.Service; C:\CGMSERVER\bin\medical-net\MedConnect\HCS.MedConnect.Service.exe [46080 2016-11-03] (HCS GmbH) [File not signed]
R2 HCS.MEDCONNECT.SERVICEMANAGER; C:\CGMSERVER\bin\medical-net\MedConnect.ServiceManager\HCS.MedConnect.ServiceManager.exe [91648 2016-11-03] (HCS GmbH) [File not signed]
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe [240128 2009-06-29] (IDT, Inc.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5611280 2015-08-07] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe [3417088 2009-07-17] (Dell Inc.) [File not signed]
U4 avast! Firewall; "C:\Program Files\Alwil Software\Avast5\afwServ.exe" [X]
R2 cgm.postgres; C:/CGMSERVER/bin/pgsql/bin/pg_ctl.exe runservice -N "cgm.postgres" -D "C:/CGMSERVER/data/pgsql" [X]
S4 HP LaserJet Service; "C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AF9035BDA; C:\Windows\System32\Drivers\AF9035BDA.sys [492008 2009-07-16] (AfaTech )
R3 ASUSVRC64; C:\Windows\System32\DRIVERS\AsusVRC64.sys [23424 2008-10-13] (ASUSTeK COMPUTER INC.)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [197160 2018-08-02] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [229392 2018-08-02] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [201328 2018-08-02] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [346664 2018-08-02] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [59592 2018-08-02] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [239680 2018-08-02] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46976 2018-08-02] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-07-11] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [159640 2018-08-02] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111872 2018-08-02] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [85968 2018-08-02] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1027728 2018-08-02] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [467064 2018-08-02] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [211160 2018-08-02] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [381584 2018-08-02] (AVAST Software)
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [243200 2009-12-15] (Huawei Technologies Co., Ltd.)
S3 Huawei; C:\Windows\System32\DRIVERS\ewdcsc.sys [29696 2009-12-15] (Huawei Tech. Co., Ltd.)
S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [114304 2009-12-15] (Huawei Technologies Co., Ltd.)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2010-03-06] (Marvell Semiconductor, Inc.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-07-31] ()

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-08-22 12:43 - 2018-08-22 12:43 - 000000000 ____D C:\FRST
2018-08-22 12:42 - 2018-08-22 12:43 - 000000000 ____D C:\Users\Hela\Desktop\_util
2018-08-20 20:11 - 2018-08-20 20:11 - 000002257 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-08-14 23:23 - 2018-08-03 17:55 - 000109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2018-08-14 23:23 - 2018-08-03 17:39 - 000084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2018-08-14 23:23 - 2018-08-02 05:20 - 000708272 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-08-14 23:23 - 2018-08-02 05:18 - 000096864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-08-14 23:23 - 2018-08-02 05:07 - 000263776 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-08-14 23:23 - 2018-08-02 05:06 - 000156256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-08-14 23:23 - 2018-08-02 05:05 - 005553760 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-08-14 23:23 - 2018-08-02 05:02 - 001665320 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-08-14 23:23 - 2018-08-02 05:00 - 000633080 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-08-14 23:23 - 2018-08-02 04:59 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-08-14 23:23 - 2018-08-02 04:59 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-08-14 23:23 - 2018-08-02 04:59 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-08-14 23:23 - 2018-08-02 04:59 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-08-14 23:23 - 2018-08-02 04:59 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-08-14 23:23 - 2018-08-02 04:59 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-08-14 23:23 - 2018-08-02 04:59 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-08-14 23:23 - 2018-08-02 04:59 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-08-14 23:23 - 2018-08-02 04:59 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-08-14 23:23 - 2018-08-02 04:59 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-08-14 23:23 - 2018-08-02 04:59 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-08-14 23:23 - 2018-08-02 04:59 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-08-14 23:23 - 2018-08-02 04:59 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-08-14 23:23 - 2018-08-02 04:59 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-08-14 23:23 - 2018-08-02 04:59 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-08-14 23:23 - 2018-08-02 04:59 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-08-14 23:23 - 2018-08-02 04:59 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-08-14 23:23 - 2018-08-02 04:59 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-08-14 23:23 - 2018-08-02 04:59 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-08-14 23:23 - 2018-08-02 04:59 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-08-14 23:23 - 2018-08-02 04:58 - 001461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-08-14 23:23 - 2018-08-02 04:58 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-08-14 23:23 - 2018-08-02 04:58 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-08-14 23:23 - 2018-08-02 04:58 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-08-14 23:23 - 2018-08-02 04:58 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-08-14 23:23 - 2018-08-02 04:58 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-08-14 23:23 - 2018-08-02 04:58 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-08-14 23:23 - 2018-08-02 04:58 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-08-14 23:23 - 2018-08-02 04:57 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-08-14 23:23 - 2018-08-02 04:57 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-08-14 23:23 - 2018-08-02 04:57 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-08-14 23:23 - 2018-08-02 04:57 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-08-14 23:23 - 2018-08-02 04:57 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-08-14 23:23 - 2018-08-02 04:57 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-08-14 23:23 - 2018-08-02 04:57 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:57 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:57 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:57 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:45 - 004054192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-08-14 23:23 - 2018-08-02 04:45 - 003959984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-08-14 23:23 - 2018-08-02 04:43 - 001315512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-08-14 23:23 - 2018-08-02 04:42 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-08-14 23:23 - 2018-08-02 04:42 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-08-14 23:23 - 2018-08-02 04:42 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-08-14 23:23 - 2018-08-02 04:42 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-08-14 23:23 - 2018-08-02 04:42 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-08-14 23:23 - 2018-08-02 04:42 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-08-14 23:23 - 2018-08-02 04:41 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-08-14 23:23 - 2018-08-02 04:41 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-08-14 23:23 - 2018-08-02 04:41 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-08-14 23:23 - 2018-08-02 04:41 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-08-14 23:23 - 2018-08-02 04:41 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-08-14 23:23 - 2018-08-02 04:41 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-08-14 23:23 - 2018-08-02 04:41 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-08-14 23:23 - 2018-08-02 04:41 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-08-14 23:23 - 2018-08-02 04:41 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-08-14 23:23 - 2018-08-02 04:41 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-08-14 23:23 - 2018-08-02 04:41 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-08-14 23:23 - 2018-08-02 04:40 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-08-14 23:23 - 2018-08-02 04:40 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-08-14 23:23 - 2018-08-02 04:40 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-08-14 23:23 - 2018-08-02 04:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-08-14 23:23 - 2018-08-02 04:40 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-08-14 23:23 - 2018-08-02 04:40 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-08-14 23:23 - 2018-08-02 04:40 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:40 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:26 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-08-14 23:23 - 2018-08-02 04:26 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-08-14 23:23 - 2018-08-02 04:26 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-08-14 23:23 - 2018-08-02 04:25 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-08-14 23:23 - 2018-08-02 04:22 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-08-14 23:23 - 2018-08-02 04:21 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-08-14 23:23 - 2018-08-02 04:21 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2018-08-14 23:23 - 2018-08-02 04:17 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-08-14 23:23 - 2018-08-02 04:17 - 000160256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-08-14 23:23 - 2018-08-02 04:17 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-08-14 23:23 - 2018-08-02 04:16 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-08-14 23:23 - 2018-08-02 04:16 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2018-08-14 23:23 - 2018-08-02 04:16 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2018-08-14 23:23 - 2018-08-02 04:16 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2018-08-14 23:23 - 2018-08-02 04:16 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2018-08-14 23:23 - 2018-08-02 04:16 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-08-14 23:23 - 2018-08-02 04:16 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-08-14 23:23 - 2018-08-02 04:11 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-08-14 23:23 - 2018-08-02 04:11 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-08-14 23:23 - 2018-08-02 04:11 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-08-14 23:23 - 2018-08-02 04:11 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-08-14 23:23 - 2018-08-02 04:10 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-08-14 23:23 - 2018-08-02 04:10 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:10 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-08-14 23:23 - 2018-07-20 01:53 - 000396936 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-08-14 23:23 - 2018-07-20 00:58 - 000350272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-08-14 23:23 - 2018-07-19 08:15 - 025745408 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-08-14 23:23 - 2018-07-19 06:48 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-08-14 23:23 - 2018-07-19 06:47 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-08-14 23:23 - 2018-07-19 06:35 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-08-14 23:23 - 2018-07-19 06:34 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-08-14 23:23 - 2018-07-19 06:33 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-08-14 23:23 - 2018-07-19 06:33 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-08-14 23:23 - 2018-07-19 06:33 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-08-14 23:23 - 2018-07-19 06:32 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-08-14 23:23 - 2018-07-19 06:30 - 005778432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-08-14 23:23 - 2018-07-19 06:26 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-08-14 23:23 - 2018-07-19 06:25 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-08-14 23:23 - 2018-07-19 06:23 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-08-14 23:23 - 2018-07-19 06:22 - 020286464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-08-14 23:23 - 2018-07-19 06:22 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-08-14 23:23 - 2018-07-19 06:22 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-08-14 23:23 - 2018-07-19 06:22 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-08-14 23:23 - 2018-07-19 06:21 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-08-14 23:23 - 2018-07-19 06:16 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2018-08-14 23:23 - 2018-07-19 06:14 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-08-14 23:23 - 2018-07-19 06:11 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-08-14 23:23 - 2018-07-19 06:05 - 000497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-08-14 23:23 - 2018-07-19 06:05 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-08-14 23:23 - 2018-07-19 06:04 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-08-14 23:23 - 2018-07-19 06:04 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-08-14 23:23 - 2018-07-19 06:04 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-08-14 23:23 - 2018-07-19 06:04 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2018-08-14 23:23 - 2018-07-19 06:03 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-08-14 23:23 - 2018-07-19 06:03 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-08-14 23:23 - 2018-07-19 06:01 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-08-14 23:23 - 2018-07-19 06:00 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-08-14 23:23 - 2018-07-19 06:00 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-08-14 23:23 - 2018-07-19 05:58 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-08-14 23:23 - 2018-07-19 05:58 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-08-14 23:23 - 2018-07-19 05:57 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-08-14 23:23 - 2018-07-19 05:56 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-08-14 23:23 - 2018-07-19 05:56 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-08-14 23:23 - 2018-07-19 05:55 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-08-14 23:23 - 2018-07-19 05:55 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-08-14 23:23 - 2018-07-19 05:54 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-08-14 23:23 - 2018-07-19 05:47 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-08-14 23:23 - 2018-07-19 05:46 - 015283712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-08-14 23:23 - 2018-07-19 05:46 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-08-14 23:23 - 2018-07-19 05:45 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-08-14 23:23 - 2018-07-19 05:45 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-08-14 23:23 - 2018-07-19 05:43 - 002136064 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-08-14 23:23 - 2018-07-19 05:43 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-08-14 23:23 - 2018-07-19 05:42 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-08-14 23:23 - 2018-07-19 05:41 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-08-14 23:23 - 2018-07-19 05:41 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-08-14 23:23 - 2018-07-19 05:39 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-08-14 23:23 - 2018-07-19 05:38 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-08-14 23:23 - 2018-07-19 05:37 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-08-14 23:23 - 2018-07-19 05:35 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-08-14 23:23 - 2018-07-19 05:32 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-08-14 23:23 - 2018-07-19 05:31 - 004510720 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-08-14 23:23 - 2018-07-19 05:30 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-08-14 23:23 - 2018-07-19 05:28 - 013679616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-08-14 23:23 - 2018-07-19 05:28 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-08-14 23:23 - 2018-07-19 05:28 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-08-14 23:23 - 2018-07-19 05:27 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2018-08-14 23:23 - 2018-07-19 05:20 - 001554944 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-08-14 23:23 - 2018-07-19 05:09 - 004037632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-08-14 23:23 - 2018-07-19 05:09 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-08-14 23:23 - 2018-07-19 05:06 - 001329152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-08-14 23:23 - 2018-07-19 05:04 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-08-14 23:23 - 2018-07-13 21:19 - 001894080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2018-08-14 23:23 - 2018-07-13 21:19 - 000377024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2018-08-14 23:23 - 2018-07-13 21:19 - 000287936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2018-08-14 23:23 - 2018-07-08 18:08 - 000383680 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2018-08-14 23:23 - 2018-07-08 18:02 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2018-08-14 23:23 - 2018-07-08 18:02 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-08-14 23:23 - 2018-07-08 18:02 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2018-08-14 23:23 - 2018-07-08 18:01 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2018-08-14 23:23 - 2018-07-08 18:01 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2018-08-14 23:23 - 2018-07-08 17:47 - 000309440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2018-08-14 23:23 - 2018-07-08 17:42 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2018-08-14 23:23 - 2018-07-08 17:42 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2018-08-14 23:23 - 2018-07-08 17:41 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2018-08-14 23:23 - 2018-07-08 17:41 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2018-08-14 23:23 - 2018-07-08 17:13 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2018-08-14 23:23 - 2018-07-07 17:24 - 003226112 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-08-14 23:23 - 2018-07-06 18:09 - 000947904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2018-08-14 23:23 - 2018-07-06 18:03 - 000056832 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2018-08-14 23:23 - 2018-07-06 18:03 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2018-08-14 23:23 - 2018-07-06 17:48 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2018-08-14 23:23 - 2018-07-06 17:48 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2018-08-14 23:23 - 2018-06-29 17:55 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\cscapi.dll
2018-08-14 23:23 - 2018-06-29 17:55 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\cscdll.dll
2018-08-14 23:23 - 2018-06-29 17:40 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscdll.dll
2018-08-14 23:23 - 2018-06-29 17:09 - 000034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscapi.dll
2018-08-14 23:23 - 2018-06-27 18:01 - 000114368 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2018-08-14 23:23 - 2018-06-27 17:55 - 003246592 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2018-08-14 23:23 - 2018-06-27 17:55 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2018-08-14 23:23 - 2018-06-27 17:55 - 000484864 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2018-08-14 23:23 - 2018-06-27 17:55 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2018-08-14 23:23 - 2018-06-27 17:54 - 001942016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2018-08-14 23:23 - 2018-06-27 17:54 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2018-08-14 23:23 - 2018-06-27 17:43 - 000363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2018-08-14 23:23 - 2018-06-27 17:42 - 002366464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2018-08-14 23:23 - 2018-06-27 17:42 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2018-08-14 23:23 - 2018-06-27 17:42 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2018-08-14 23:23 - 2018-06-27 17:41 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2018-08-14 23:23 - 2018-06-27 17:21 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2018-08-14 23:23 - 2018-06-27 17:16 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2018-08-14 23:23 - 2018-06-21 05:33 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2018-08-14 23:23 - 2018-06-21 05:09 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2018-08-02 23:29 - 2018-08-02 23:53 - 000000000 ____D C:\Users\Hela\AppData\Local\AVAST Software
2018-08-02 23:25 - 2018-08-02 23:23 - 000239680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2018-08-02 23:24 - 2018-08-02 23:24 - 000378072 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2018-08-02 20:05 - 2018-08-02 20:05 - 000088871 _____ C:\Users\Hela\Downloads\T101.pdf
2018-08-02 20:03 - 2018-08-02 20:03 - 000161338 _____ C:\Users\Hela\Downloads\E101 (1).pdf
2018-08-02 20:02 - 2018-08-02 20:02 - 000985935 _____ C:\Users\Hela\Downloads\E101 (2).fo

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-08-22 12:45 - 2009-07-14 17:18 - 000672386 _____ C:\Windows\system32\perfh005.dat
2018-08-22 12:45 - 2009-07-14 17:18 - 000142950 _____ C:\Windows\system32\perfc005.dat
2018-08-22 12:45 - 2009-07-14 07:13 - 001593214 _____ C:\Windows\system32\PerfStringBackup.INI
2018-08-22 12:45 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2018-08-22 12:39 - 2009-07-14 06:45 - 000022464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-08-22 12:39 - 2009-07-14 06:45 - 000022464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-08-22 11:55 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-08-22 11:55 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\tracing
2018-08-20 20:11 - 2010-11-24 18:18 - 000002298 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-08-17 07:54 - 2010-12-03 15:37 - 000000000 ____D C:\AMICUS
2018-08-16 18:51 - 2009-07-14 07:08 - 000032638 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2018-08-15 17:49 - 2010-11-24 18:16 - 000000000 ____D C:\Users\Hela\AppData\Local\Google
2018-08-15 17:34 - 2009-07-14 06:45 - 000422248 _____ C:\Windows\system32\FNTCACHE.DAT
2018-08-15 00:32 - 2013-08-15 22:39 - 000000000 ____D C:\Windows\system32\MRT
2018-08-15 00:31 - 2010-11-24 17:20 - 137343192 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-08-15 00:29 - 2011-08-18 23:10 - 001568864 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2018-08-14 22:50 - 2015-09-08 20:20 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-08-02 23:41 - 2017-11-15 22:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-08-02 23:41 - 2017-11-15 22:37 - 000000000 ____D C:\Program Files (x86)\Java
2018-08-02 23:39 - 2018-07-21 23:00 - 000000000 _____ C:\Windows\SysWOW64\last.dump
2018-08-02 23:36 - 2017-11-15 22:50 - 000098680 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2018-08-02 23:25 - 2017-11-15 23:03 - 000003912 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-08-02 23:25 - 2010-11-24 18:16 - 000467064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-08-02 23:24 - 2017-11-15 23:03 - 000197160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-08-02 23:24 - 2015-08-19 19:49 - 000211160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-08-02 23:24 - 2015-08-19 19:49 - 000046976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2018-08-02 23:24 - 2015-08-19 19:42 - 000381584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-08-02 23:24 - 2015-08-19 19:42 - 000111872 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-08-02 23:24 - 2015-08-19 19:42 - 000085968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-08-02 23:24 - 2010-11-24 18:16 - 000159640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-08-02 23:23 - 2017-11-15 23:03 - 000346664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbloga.sys
2018-08-02 23:23 - 2017-11-15 23:03 - 000229392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2018-08-02 23:23 - 2017-11-15 23:03 - 000201328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsha.sys
2018-08-02 23:23 - 2017-11-15 23:03 - 000059592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniva.sys
2018-08-02 23:23 - 2011-06-12 16:30 - 001027728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys

==================== Files in the root of some directories =======

2010-10-06 19:52 - 2010-10-06 19:52 - 000008297 _____ () C:\Users\Hela\AppData\Roaming\UserTile.png

Some files in TEMP:
====================
2018-07-04 17:47 - 2018-07-02 15:53 - 019799056 _____ (CompuGroup Medical Česká republika s.r.o.) C:\Users\Hela\AppData\Local\Temp\086b5047-ddb8-40a2-8cf1-e64b24038a64ar.dll
2017-08-20 13:18 - 2017-08-15 12:15 - 012968032 _____ (CompuGroup Medical Česká republika s.r.o.) C:\Users\Hela\AppData\Local\Temp\0a002710-f35e-45e3-9d34-2a6ba2e17483ar.dll
2018-03-02 07:50 - 2018-01-22 13:34 - 016475568 _____ (CompuGroup Medical Česká republika s.r.o.) C:\Users\Hela\AppData\Local\Temp\15e142f3-5e0f-448e-8645-a140a77f2e06ar.dll
2016-05-03 20:11 - 2016-01-20 09:29 - 011145312 _____ (CompuGroup Medical Česká republika s.r.o.) C:\Users\Hela\AppData\Local\Temp\172c9989-4172-4564-8346-02d05a04dbb8ar.dll
2017-05-25 23:14 - 2017-04-11 08:54 - 010308192 _____ (CompuGroup Medical Česká republika s.r.o.) C:\Users\Hela\AppData\Local\Temp\20378361-3352-4f95-90f1-ac9065f259e5ar.dll
2017-08-20 13:01 - 2017-08-15 12:15 - 012968032 _____ (CompuGroup Medical Česká republika s.r.o.) C:\Users\Hela\AppData\Local\Temp\2e840a69-8dde-4b4d-a73e-f77b8e48a493ar.dll
2015-08-04 21:46 - 2015-07-17 15:59 - 008703376 _____ (CompuGroup Medical Česká republika s.r.o.) C:\Users\Hela\AppData\Local\Temp\32fbc9ca-f9bf-480d-a5df-6b8d0ab3a77ear.dll
2017-03-20 22:11 - 2017-02-13 10:53 - 014016608 _____ (CompuGroup Medical Česká republika s.r.o.) C:\Users\Hela\AppData\Local\Temp\50799959-8736-4be2-b357-0c6da03a8314ar.dll
2016-10-14 20:50 - 2016-09-19 12:43 - 016367712 _____ (CompuGroup Medical Česká republika s.r.o.) C:\Users\Hela\AppData\Local\Temp\55511b90-87ed-40f2-9a32-66a395c4dfcfar.dll
2018-03-15 20:55 - 2018-02-09 11:35 - 017061904 _____ (CompuGroup Medical Česká republika s.r.o.) C:\Users\Hela\AppData\Local\Temp\5bbed4ab-3d9a-4cfc-b9a1-ace565dae47aar.dll
2015-12-08 15:54 - 2015-11-13 09:31 - 011089808 _____ (CompuGroup Medical Česká republika s.r.o.) C:\Users\Hela\AppData\Local\Temp\60d5150d-0194-49e6-abc5-e5cf87759489ar.dll
2016-05-03 22:50 - 2016-01-20 09:29 - 011145312 _____ (CompuGroup Medical Česká republika s.r.o.) C:\Users\Hela\AppData\Local\Temp\6399b795-414e-451b-9c6c-3b8ce63eaf1aar.dll
2017-10-14 22:22 - 2017-10-10 10:38 - 014925920 _____ (CompuGroup Medical Česká republika s.r.o.) C:\Users\Hela\AppData\Local\Temp\65e1bf41-419b-42bc-80bb-edc53624fff3ar.dll
2015-10-06 17:39 - 2015-09-18 09:07 - 007327120 _____ (CompuGroup Medical Česká republika s.r.o.) C:\Users\Hela\AppData\Local\Temp\952b0a93-eaed-4528-be21-95addd860582ar.dll
2017-10-10 22:58 - 2017-08-15 12:15 - 012968032 _____ (CompuGroup Medical Česká republika s.r.o.) C:\Users\Hela\AppData\Local\Temp\960084f1-23f4-41c3-96a3-2ff98160bc36ar.dll
2016-09-01 22:44 - 2016-08-19 12:30 - 010807904 _____ (CompuGroup Medical Česká republika s.r.o.) C:\Users\Hela\AppData\Local\Temp\9bb68ae9-92ce-4718-bd10-0c9207c0c1e2ar.dll
2017-12-28 00:46 - 2017-12-08 15:21 - 018435680 _____ (CompuGroup Medical Česká republika s.r.o.) C:\Users\Hela\AppData\Local\Temp\a5385337-b8d8-4e64-a573-3a5c338a7224ar.dll
2017-02-09 22:28 - 2017-01-16 16:00 - 007053920 _____ (CompuGroup Medical Česká republika s.r.o.) C:\Users\Hela\AppData\Local\Temp\ac7c6887-a78a-4597-a8fa-3d65afd2dfcear.dll
2011-11-10 09:59 - 2011-11-10 09:59 - 000357032 _____ (Ask.com) C:\Users\Hela\AppData\Local\Temp\ApnStub.exe
2016-06-07 21:36 - 2016-01-20 09:29 - 011145312 _____ (CompuGroup Medical Česká republika s.r.o.) C:\Users\Hela\AppData\Local\Temp\c1999671-2cf3-48d6-bac5-090b63d8262bar.dll
2011-07-24 18:36 - 2011-07-24 18:36 - 003792032 _____ (Adobe Systems, Inc.) C:\Users\Hela\AppData\Local\Temp\C42.exe
2011-09-27 17:20 - 2012-10-01 17:31 - 000987080 _____ (McAfee, Inc.) C:\Users\Hela\AppData\Local\Temp\contentDATs.exe
2017-03-20 23:05 - 2017-02-13 10:53 - 014016608 _____ (CompuGroup Medical Česká republika s.r.o.) C:\Users\Hela\AppData\Local\Temp\d01df84e-f57a-4ee5-8e24-49ac70a4cfa4ar.dll
2010-09-11 12:27 - 2009-04-02 17:08 - 000148992 ____R (Huawei Technologies Co., Ltd.) C:\Users\Hela\AppData\Local\Temp\DataCard_Setup64.exe
2016-06-08 22:48 - 2016-01-20 09:29 - 011145312 _____ (CompuGroup Medical Česká republika s.r.o.) C:\Users\Hela\AppData\Local\Temp\ef1ca849-9873-4e3e-8022-fb53ca8b97c3ar.dll
2017-11-24 22:36 - 2017-10-10 11:38 - 014925920 _____ (CompuGroup Medical Česká republika s.r.o.) C:\Users\Hela\AppData\Local\Temp\f4ae7aee-dd99-454a-8b35-d2a88968b649ar.dll
2016-03-01 23:46 - 2016-01-20 09:29 - 011145312 _____ (CompuGroup Medical Česká republika s.r.o.) C:\Users\Hela\AppData\Local\Temp\fe59030c-40c1-4766-a691-91e3d42412bbar.dll
2010-11-21 04:49 - 2010-11-21 04:49 - 000875296 _____ (Sun Microsystems, Inc.) C:\Users\Hela\AppData\Local\Temp\jre-6u22-windows-i586-iftw-rv.exe
2011-11-14 23:08 - 2011-11-14 23:08 - 000909088 _____ (Sun Microsystems, Inc.) C:\Users\Hela\AppData\Local\Temp\jre-6u30-windows-i586-iftw-rv.exe
2012-02-05 04:55 - 2012-02-05 04:55 - 000908576 _____ (Sun Microsystems, Inc.) C:\Users\Hela\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe
2014-04-15 22:50 - 2014-04-15 22:50 - 000921512 _____ (Oracle Corporation) C:\Users\Hela\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
2015-04-13 18:25 - 2015-04-13 18:25 - 000938408 _____ (Oracle Corporation) C:\Users\Hela\AppData\Local\Temp\jre-7u79-windows-i586-iftw.exe
2018-08-02 23:33 - 2018-08-02 23:33 - 001906040 _____ (Oracle Corporation) C:\Users\Hela\AppData\Local\Temp\jre-8u181-windows-au.exe
2010-09-11 12:27 - 2009-03-18 12:46 - 000007168 ____R () C:\Users\Hela\AppData\Local\Temp\ResetDevice.exe
2011-08-16 22:48 - 2013-02-04 18:19 - 003787456 _____ (McAfee, Inc.) C:\Users\Hela\AppData\Local\Temp\SecurityScan_Release.exe
2011-08-13 15:17 - 2011-08-13 15:17 - 000000000 _____ () C:\Users\Hela\AppData\Local\Temp\tt6iabu-.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-06-07 20:42

==================== End of FRST.txt ============================

Logfile of random's system information tool 1.10 (written by random/random)
Run by Hela at 2018-08-22 12:54:08
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 303 GB (66%) free of 462 GB
Total RAM: 4092 MB (52% free)

HijackThis download failed

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE" "C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe"
C:\Windows\system32\WLANExt.exe 3862080
\??\C:\Windows\system32\conhost.exe "385189957-589919737430098332-2100017498-12649028601924539143-390420466459692883
C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:/CGMSERVER/bin/pgsql/bin/pg_ctl.exe runservice -N "cgm.postgres" -D "C:/CGMSERVER/data/pgsql"
C:\CGMSERVER\bin\core\cgm.servercore.exe
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\HPSIsvc.exe
C:/CGMSERVER/bin/pgsql/bin/postgres.exe -D "C:/CGMSERVER/data/pgsql"
\??\C:\Windows\system32\conhost.exe "-403996831-1135663060-15848047401989644615-866460720-1296519049-1432944104-1700697575
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe"
"C:/CGMSERVER/bin/pgsql/bin/postgres.exe" "--forklog" "1084" "1080"
"C:/CGMSERVER/bin/pgsql/bin/postgres.exe" "--forkboot" "1216" "-x3"
"C:/CGMSERVER/bin/pgsql/bin/postgres.exe" "--forkboot" "1220" "-x4"
"C:/CGMSERVER/bin/pgsql/bin/postgres.exe" "--forkavlauncher" "1216"
"C:/CGMSERVER/bin/pgsql/bin/postgres.exe" "--forkcol" "1220"
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe"
C:\AMICUS\server\cgm.amisrv.exe
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
AvastUI.exe /nogui
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
taskmgr.exe /3
"C:\Windows\System32\Magnify.exe"
"C:\CGMSERVER\jre\bin\java.exe" -Djava.io.tmpdir=..\temp\jetty -Xms50m -Xmx768m -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath="C:\CGMSERVER\logs\java.dump" -jar ..\jetty\start.jar STOP.KEY=cgm.jetty.stop STOP.PORT=12384
\??\C:\Windows\system32\conhost.exe "-758124656200438422612787956501412864227-136770719641354429716473730851188170684
"C:/CGMSERVER/bin/pgsql/bin/postgres.exe" "--forkbackend" "1252"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\CGMSERVER\bin\ebooking-1\cgm.ebooking-1.exe
"C:\Program Files\Alwil Software\Avast5\x64\aswidsagenta.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\CGMSERVER\bin\ecommunication-1\cgm.ecommunication-1.exe
C:\CGMSERVER\bin\etrzby-1\cgm.etrzby-1.exe
"C:/CGMSERVER/bin/pgsql/bin/postgres.exe" "--forkbackend" "1248"
"C:/CGMSERVER/bin/pgsql/bin/postgres.exe" "--forkbackend" "1156"
"C:/CGMSERVER/bin/pgsql/bin/postgres.exe" "--forkbackend" "1252"
"C:/CGMSERVER/bin/pgsql/bin/postgres.exe" "--forkbackend" "1264"
C:\CGMSERVER\bin\medical-net\MedConnect.ServiceManager\HCS.MedConnect.ServiceManager.exe
"C:/CGMSERVER/bin/pgsql/bin/postgres.exe" "--forkbackend" "1200"
"C:/CGMSERVER/bin/pgsql/bin/postgres.exe" "--forkbackend" "1200"
"C:/CGMSERVER/bin/pgsql/bin/postgres.exe" "--forkbackend" "1216"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-eb8b86df-882c-40fe-a9e0-4869159eec7f -SystemEventPortName:HostProcess-91ef89a6-1ef7-4847-b101-a1327dbb27cc -IoCancelEventPortName:HostProcess-8f912348-347d-4ca9-a813-6680a99f12b0 -NonStateChangingEventPortName:HostProcess-9512b74a-9a97-4905-ab38-022e2e115fd5 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:4d57b9e5-a380-46c7-bd81-73ba2cae7b35 -DeviceGroupId:WpdFsGroup
"C:\Users\Hela\Desktop\_util\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2018-08-02 938712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-28 255088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}]
C:\PROGRA~2\SITERA~1\SiteRank.dll [2011-05-31 351448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{71c1d63a-c944-428a-a5bd-ba513190e5d2}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_181\bin\ssv.dll [2018-08-02 480120]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2018-08-02 812248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-28 193136]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-08-02 194424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-28 255088]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-28 193136]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvLaunch.exe [2018-08-02 242904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service]
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Broadcom Wireless Manager UI]
C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.exe [2009-07-17 4968960]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell Webcam Central]
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [2009-06-25 409744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Desktop Disc Tool]
C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe [2009-06-19 494064]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPUsageTrackingLEDM]
C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe [2009-08-04 30264]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-05 186904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVDDXSrv]
C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe [2009-06-25 140520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\POPUPTV]
C:\Program Files (x86)\ASUS\PopupTV\ExpressTV.exe [2010-03-19 692224]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickSet]
C:\Program Files\Dell\QuickSet\QuickSet.exe [2009-07-03 3180624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Radio-Plug-In]
C:\Program Files (x86)\Radio-Plug-In\Radio-Plug-In.exe [2015-02-24 313064]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SiteRanker]
C:\Program Files (x86)\SiteRanker\SiteRankTray.exe [2011-05-31 319488]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-06-26 98304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-06-25 1808680]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SysTrayApp]
C:\Program Files\IDT\WDM\sttray64.exe [2009-06-29 444416]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TMMonitor.lnk]
C:\PROGRA~2\ArcSoft\TOTALM~1.5\TMMONI~1.EXE [2009-07-27 258048]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2018-07-07 601424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - %SystemRoot%\SysWow64\CScript.exe "%1" %*
.vbs - open - %SystemRoot%\SysWow64\CScript.exe "%1" %*

======List of files/folders created in the last 2 months======

2018-08-22 12:54:08 ----D---- C:\rsit
2018-08-22 12:54:08 ----D---- C:\Program Files\trend micro
2018-08-22 12:43:10 ----D---- C:\FRST
2018-08-14 23:23:27 ----A---- C:\Windows\system32\mshtml.dll
2018-08-14 23:23:27 ----A---- C:\Windows\system32\cscdll.dll
2018-08-14 23:23:27 ----A---- C:\Windows\system32\cscapi.dll
2018-08-14 23:23:26 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2018-08-14 23:23:24 ----A---- C:\Windows\system32\ieframe.dll
2018-08-14 23:23:23 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2018-08-14 23:23:21 ----A---- C:\Windows\system32\wininet.dll
2018-08-14 23:23:21 ----A---- C:\Windows\system32\jscript9.dll
2018-08-14 23:23:20 ----A---- C:\Windows\SYSWOW64\wininet.dll
2018-08-14 23:23:20 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2018-08-14 23:23:20 ----A---- C:\Windows\system32\drivers\processr.sys
2018-08-14 23:23:20 ----A---- C:\Windows\system32\drivers\amdppm.sys
2018-08-14 23:23:19 ----A---- C:\Windows\system32\drivers\intelppm.sys
2018-08-14 23:23:19 ----A---- C:\Windows\system32\drivers\amdk8.sys
2018-08-14 23:23:18 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2018-08-14 23:23:18 ----A---- C:\Windows\system32\urlmon.dll
2018-08-14 23:23:18 ----A---- C:\Windows\system32\ntoskrnl.exe
2018-08-14 23:23:17 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2018-08-14 23:23:17 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2018-08-14 23:23:17 ----A---- C:\Windows\system32\win32k.sys
2018-08-14 23:23:17 ----A---- C:\Windows\system32\drivers\tcpip.sys
2018-08-14 23:23:16 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2018-08-14 23:23:16 ----A---- C:\Windows\SYSWOW64\msi.dll
2018-08-14 23:23:16 ----A---- C:\Windows\system32\mf3216.dll
2018-08-14 23:23:16 ----A---- C:\Windows\system32\iertutil.dll
2018-08-14 23:23:15 ----A---- C:\Windows\SYSWOW64\mf3216.dll
2018-08-14 23:23:15 ----A---- C:\Windows\SYSWOW64\jscript.dll
2018-08-14 23:23:15 ----A---- C:\Windows\system32\msi.dll
2018-08-14 23:23:15 ----A---- C:\Windows\system32\jscript.dll
2018-08-14 23:23:14 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2018-08-14 23:23:14 ----A---- C:\Windows\SYSWOW64\StructuredQuery.dll
2018-08-14 23:23:14 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2018-08-14 23:23:14 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2018-08-14 23:23:14 ----A---- C:\Windows\system32\vbscript.dll
2018-08-14 23:23:14 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2018-08-14 23:23:14 ----A---- C:\Windows\system32\msfeeds.dll
2018-08-14 23:23:14 ----A---- C:\Windows\system32\drivers\ndis.sys
2018-08-14 23:23:13 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2018-08-14 23:23:13 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2018-08-14 23:23:13 ----A---- C:\Windows\SYSWOW64\cscdll.dll
2018-08-14 23:23:13 ----A---- C:\Windows\SYSWOW64\cscapi.dll
2018-08-14 23:23:13 ----A---- C:\Windows\system32\StructuredQuery.dll
2018-08-14 23:23:13 ----A---- C:\Windows\system32\ntdll.dll
2018-08-14 23:23:13 ----A---- C:\Windows\system32\msiexec.exe
2018-08-14 23:23:13 ----A---- C:\Windows\system32\iedkcs32.dll
2018-08-14 23:23:13 ----A---- C:\Windows\system32\fontsub.dll
2018-08-14 23:23:12 ----A---- C:\Windows\SYSWOW64\t2embed.dll
2018-08-14 23:23:12 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2018-08-14 23:23:12 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2018-08-14 23:23:12 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2018-08-14 23:23:12 ----A---- C:\Windows\system32\t2embed.dll
2018-08-14 23:23:12 ----A---- C:\Windows\system32\mshtmlmedia.dll
2018-08-14 23:23:12 ----A---- C:\Windows\system32\hlink.dll
2018-08-14 23:23:12 ----A---- C:\Windows\system32\hal.dll
2018-08-14 23:23:12 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2018-08-14 23:23:12 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2018-08-14 23:23:11 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2018-08-14 23:23:11 ----A---- C:\Windows\SYSWOW64\msimg32.dll
2018-08-14 23:23:11 ----A---- C:\Windows\SYSWOW64\hlink.dll
2018-08-14 23:23:11 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2018-08-14 23:23:11 ----A---- C:\Windows\system32\msimg32.dll
2018-08-14 23:23:11 ----A---- C:\Windows\system32\ieapfltr.dll
2018-08-14 23:23:11 ----A---- C:\Windows\system32\ie4uinit.exe
2018-08-14 23:23:11 ----A---- C:\Windows\system32\drivers\netio.sys
2018-08-14 23:23:11 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2018-08-14 23:23:11 ----A---- C:\Windows\system32\consent.exe
2018-08-14 23:23:11 ----A---- C:\Windows\system32\atmfd.dll
2018-08-14 23:23:10 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2018-08-14 23:23:10 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2018-08-14 23:23:10 ----A---- C:\Windows\SYSWOW64\certcli.dll
2018-08-14 23:23:10 ----A---- C:\Windows\system32\webcheck.dll
2018-08-14 23:23:10 ----A---- C:\Windows\system32\rstrui.exe
2018-08-14 23:23:10 ----A---- C:\Windows\system32\rpcrt4.dll
2018-08-14 23:23:10 ----A---- C:\Windows\system32\lsasrv.dll
2018-08-14 23:23:10 ----A---- C:\Windows\system32\kerberos.dll
2018-08-14 23:23:10 ----A---- C:\Windows\system32\jscript9diag.dll
2018-08-14 23:23:10 ----A---- C:\Windows\system32\conhost.exe
2018-08-14 23:23:10 ----A---- C:\Windows\system32\certcli.dll
2018-08-14 23:23:10 ----A---- C:\Windows\system32\advapi32.dll
2018-08-14 23:23:09 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2018-08-14 23:23:09 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2018-08-14 23:23:09 ----A---- C:\Windows\system32\winsrv.dll
2018-08-14 23:23:09 ----A---- C:\Windows\system32\wdigest.dll
2018-08-14 23:23:09 ----A---- C:\Windows\system32\smss.exe
2018-08-14 23:23:09 ----A---- C:\Windows\system32\schannel.dll
2018-08-14 23:23:09 ----A---- C:\Windows\system32\kernel32.dll
2018-08-14 23:23:08 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2018-08-14 23:23:08 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2018-08-14 23:23:08 ----A---- C:\Windows\SYSWOW64\schannel.dll
2018-08-14 23:23:08 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2018-08-14 23:23:08 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2018-08-14 23:23:08 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2018-08-14 23:23:08 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2018-08-14 23:23:08 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2018-08-14 23:23:08 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2018-08-14 23:23:08 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2018-08-14 23:23:08 ----A---- C:\Windows\system32\TSpkg.dll
2018-08-14 23:23:08 ----A---- C:\Windows\system32\srcore.dll
2018-08-14 23:23:08 ----A---- C:\Windows\system32\rpchttp.dll
2018-08-14 23:23:08 ----A---- C:\Windows\system32\ntvdm64.dll
2018-08-14 23:23:08 ----A---- C:\Windows\system32\ncrypt.dll
2018-08-14 23:23:08 ----A---- C:\Windows\system32\msv1_0.dll
2018-08-14 23:23:08 ----A---- C:\Windows\system32\KernelBase.dll
2018-08-14 23:23:08 ----A---- C:\Windows\system32\inseng.dll
2018-08-14 23:23:08 ----A---- C:\Windows\system32\drivers\videoprt.sys
2018-08-14 23:23:08 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2018-08-14 23:23:08 ----A---- C:\Windows\system32\csrsrv.dll
2018-08-14 23:23:08 ----A---- C:\Windows\system32\auditpol.exe
2018-08-14 23:23:08 ----A---- C:\Windows\system32\appidsvc.dll
2018-08-14 23:23:08 ----A---- C:\Windows\system32\appidapi.dll
2018-08-14 23:23:07 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2018-08-14 23:23:07 ----A---- C:\Windows\SYSWOW64\setup16.exe
2018-08-14 23:23:07 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2018-08-14 23:23:07 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2018-08-14 23:23:07 ----A---- C:\Windows\system32\wow64win.dll
2018-08-14 23:23:07 ----A---- C:\Windows\system32\wow64cpu.dll
2018-08-14 23:23:07 ----A---- C:\Windows\system32\wow64.dll
2018-08-14 23:23:07 ----A---- C:\Windows\system32\sspisrv.dll
2018-08-14 23:23:07 ----A---- C:\Windows\system32\sspicli.dll
2018-08-14 23:23:07 ----A---- C:\Windows\system32\srclient.dll
2018-08-14 23:23:07 ----A---- C:\Windows\system32\setbcdlocale.dll
2018-08-14 23:23:07 ----A---- C:\Windows\system32\secur32.dll
2018-08-14 23:23:07 ----A---- C:\Windows\system32\lsass.exe
2018-08-14 23:23:07 ----A---- C:\Windows\system32\ieui.dll
2018-08-14 23:23:07 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2018-08-14 23:23:07 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2018-08-14 23:23:07 ----A---- C:\Windows\system32\drivers\appid.sys
2018-08-14 23:23:07 ----A---- C:\Windows\system32\cryptbase.dll
2018-08-14 23:23:07 ----A---- C:\Windows\system32\credssp.dll
2018-08-14 23:23:07 ----A---- C:\Windows\system32\bcrypt.dll
2018-08-14 23:23:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-08-14 23:23:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-08-14 23:23:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-08-14 23:23:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-08-14 23:23:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-08-14 23:23:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-08-14 23:23:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-08-14 23:23:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-08-14 23:23:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-08-14 23:23:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-08-14 23:23:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-08-14 23:23:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2018-08-14 23:23:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-08-14 23:23:06 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-08-14 23:23:06 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-08-14 23:23:06 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-08-14 23:23:06 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-08-14 23:23:06 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-08-14 23:23:06 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-08-14 23:23:06 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-08-14 23:23:06 ----A---- C:\Windows\SYSWOW64\wow32.dll
2018-08-14 23:23:06 ----A---- C:\Windows\SYSWOW64\srclient.dll
2018-08-14 23:23:06 ----A---- C:\Windows\SYSWOW64\secur32.dll
2018-08-14 23:23:06 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2018-08-14 23:23:06 ----A---- C:\Windows\SYSWOW64\credssp.dll
2018-08-14 23:23:06 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2018-08-14 23:23:06 ----A---- C:\Windows\system32\authui.dll
2018-08-14 23:23:06 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2018-08-14 23:23:06 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2018-08-14 23:23:06 ----A---- C:\Windows\system32\apisetschema.dll
2018-08-14 23:23:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2018-08-14 23:23:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-08-14 23:23:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2018-08-14 23:23:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-08-14 23:23:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2018-08-14 23:23:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-08-14 23:23:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-08-14 23:23:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2018-08-14 23:23:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-08-14 23:23:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-08-14 23:23:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-08-14 23:23:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-08-14 23:23:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-08-14 23:23:05 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-08-14 23:23:05 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-08-14 23:23:05 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-08-14 23:23:05 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-08-14 23:23:05 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-08-14 23:23:05 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-08-14 23:23:05 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-08-14 23:23:05 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-08-14 23:23:05 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-08-14 23:23:05 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-08-14 23:23:05 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-08-14 23:23:05 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-08-14 23:23:05 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-08-14 23:23:05 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-08-14 23:23:05 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-08-14 23:23:05 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-08-14 23:23:05 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-08-14 23:23:05 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-08-14 23:23:05 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-08-14 23:23:05 ----A---- C:\Windows\SYSWOW64\instnm.exe
2018-08-14 23:23:05 ----A---- C:\Windows\system32\mshtmled.dll
2018-08-14 23:23:05 ----A---- C:\Windows\system32\dxtrans.dll
2018-08-14 23:23:05 ----A---- C:\Windows\system32\dxtmsft.dll
2018-08-14 23:23:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-08-14 23:23:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2018-08-14 23:23:04 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-08-14 23:23:04 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-08-14 23:23:04 ----A---- C:\Windows\SYSWOW64\ieui.dll
2018-08-14 23:23:04 ----A---- C:\Windows\system32\occache.dll
2018-08-14 23:23:04 ----A---- C:\Windows\system32\msrating.dll
2018-08-14 23:23:04 ----A---- C:\Windows\system32\msihnd.dll
2018-08-14 23:23:04 ----A---- C:\Windows\system32\jsproxy.dll
2018-08-14 23:23:03 ----A---- C:\Windows\SYSWOW64\occache.dll
2018-08-14 23:23:03 ----A---- C:\Windows\SYSWOW64\msrating.dll
2018-08-14 23:23:03 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2018-08-14 23:23:03 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2018-08-14 23:23:03 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2018-08-14 23:23:03 ----A---- C:\Windows\SYSWOW64\inseng.dll
2018-08-14 23:23:03 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2018-08-14 23:23:03 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2018-08-14 23:23:03 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2018-08-14 23:23:03 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2018-08-14 23:23:03 ----A---- C:\Windows\SYSWOW64\authui.dll
2018-08-14 23:23:03 ----A---- C:\Windows\system32\MshtmlDac.dll
2018-08-14 23:23:03 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-08-14 23:23:03 ----A---- C:\Windows\system32\ieUnatt.exe
2018-08-14 23:23:03 ----A---- C:\Windows\system32\iesetup.dll
2018-08-14 23:23:03 ----A---- C:\Windows\system32\ieetwproxystub.dll
2018-08-14 23:23:03 ----A---- C:\Windows\system32\appinfo.dll
2018-08-14 23:23:02 ----A---- C:\Windows\SYSWOW64\user.exe
2018-08-14 23:23:02 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2018-08-14 23:23:02 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2018-08-14 23:23:02 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2018-08-14 23:23:02 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2018-08-14 23:23:02 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2018-08-14 23:23:02 ----A---- C:\Windows\system32\lpk.dll
2018-08-14 23:23:02 ----A---- C:\Windows\system32\iernonce.dll
2018-08-14 23:23:02 ----A---- C:\Windows\system32\ieetwcollector.exe
2018-08-14 23:23:02 ----A---- C:\Windows\system32\dciman32.dll
2018-08-14 23:23:02 ----A---- C:\Windows\system32\adtschema.dll
2018-08-14 23:23:01 ----A---- C:\Windows\SYSWOW64\tzres.dll
2018-08-14 23:23:01 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2018-08-14 23:23:01 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2018-08-14 23:23:01 ----A---- C:\Windows\SYSWOW64\lpk.dll
2018-08-14 23:23:01 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2018-08-14 23:23:01 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2018-08-14 23:23:01 ----A---- C:\Windows\system32\tzres.dll
2018-08-14 23:23:01 ----A---- C:\Windows\system32\msobjs.dll
2018-08-14 23:23:01 ----A---- C:\Windows\system32\msaudite.dll
2018-08-14 23:23:01 ----A---- C:\Windows\system32\atmlib.dll
2018-08-14 23:23:00 ----A---- C:\Windows\SYSWOW64\msimsg.dll
2018-08-14 23:23:00 ----A---- C:\Windows\system32\msimsg.dll
2018-08-14 23:23:00 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2018-08-02 23:25:00 ----A---- C:\Windows\system32\drivers\aswHdsKe.sys
2018-08-02 23:24:40 ----A---- C:\Windows\system32\aswBoot.exe
2018-07-12 21:18:22 ----A---- C:\Windows\system32\shell32.dll
2018-07-12 21:18:21 ----A---- C:\Windows\SYSWOW64\shell32.dll
2018-07-12 21:18:20 ----A---- C:\Windows\system32\ucrtbase.dll
2018-07-12 21:18:20 ----A---- C:\Windows\system32\ExplorerFrame.dll
2018-07-12 21:18:19 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2018-07-12 21:18:17 ----A---- C:\Windows\SYSWOW64\zipfldr.dll
2018-07-12 21:18:17 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2018-07-12 21:18:17 ----A---- C:\Windows\system32\zipfldr.dll
2018-07-12 21:18:17 ----A---- C:\Windows\system32\wkssvc.dll
2018-07-12 21:18:17 ----A---- C:\Windows\system32\drivers\usbport.sys
2018-07-12 21:18:17 ----A---- C:\Windows\system32\drivers\dfsc.sys
2018-07-12 21:18:17 ----A---- C:\Windows\system32\dnsapi.dll
2018-07-12 21:18:15 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2018-07-12 21:18:15 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2018-07-12 21:18:15 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2018-07-12 21:18:15 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2018-07-12 21:18:15 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2018-07-12 21:18:15 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2018-07-12 21:18:15 ----A---- C:\Windows\system32\dnsrslvr.dll
2018-07-12 21:18:15 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2018-07-12 21:18:14 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2018-07-12 21:18:14 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2018-07-12 21:18:14 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2018-07-12 21:18:14 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2018-07-12 21:18:14 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2018-07-12 21:18:14 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2018-07-12 21:18:14 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2018-07-12 21:18:14 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2018-07-12 21:18:14 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2018-07-12 21:18:14 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2018-07-12 21:18:14 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2018-07-12 21:18:14 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2018-07-12 21:18:14 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2018-07-12 21:18:14 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2018-07-12 21:18:14 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2018-07-12 21:18:14 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2018-07-12 21:18:14 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2018-07-12 21:18:14 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2018-07-12 21:18:14 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2018-07-12 21:18:14 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2018-07-12 21:18:14 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2018-07-12 21:18:14 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2018-07-12 21:18:14 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2018-07-12 21:18:14 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2018-07-12 21:18:14 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2018-07-12 21:18:14 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2018-07-12 21:18:14 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2018-07-12 21:18:14 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2018-07-12 21:18:14 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2018-07-12 21:18:14 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2018-07-12 21:18:14 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2018-07-12 21:18:14 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2018-07-12 21:18:14 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2018-07-12 21:18:14 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2018-07-12 21:18:13 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2018-07-12 21:18:12 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2018-07-12 21:18:12 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2018-07-12 21:18:12 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2018-07-12 21:18:11 ----A---- C:\Windows\SYSWOW64\dnscacheugc.exe
2018-07-12 21:18:11 ----A---- C:\Windows\system32\drivers\mpsdrv.sys
2018-07-12 21:18:11 ----A---- C:\Windows\system32\dnscacheugc.exe
2018-07-12 21:18:09 ----A---- C:\Windows\SYSWOW64\ole32.dll
2018-07-12 21:18:09 ----A---- C:\Windows\system32\ole32.dll
2018-07-12 21:18:09 ----A---- C:\Windows\system32\drivers\usbhub.sys
2018-07-12 21:18:05 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2018-07-12 21:18:02 ----A---- C:\Windows\system32\rpcss.dll
2018-07-12 21:17:58 ----A---- C:\Windows\SYSWOW64\FirewallAPI.dll
2018-07-12 21:17:58 ----A---- C:\Windows\system32\MPSSVC.dll
2018-07-12 21:17:58 ----A---- C:\Windows\system32\FirewallAPI.dll
2018-07-12 21:17:58 ----A---- C:\Windows\system32\drivers\usbehci.sys
2018-07-12 21:17:58 ----A---- C:\Windows\system32\comcat.dll
2018-07-12 21:17:57 ----A---- C:\Windows\SYSWOW64\comcat.dll
2018-07-12 21:17:57 ----A---- C:\Windows\system32\icfupgd.dll
2018-07-12 21:17:55 ----A---- C:\Windows\SYSWOW64\wfapigp.dll
2018-07-12 21:17:55 ----A---- C:\Windows\system32\wfapigp.dll
2018-07-12 21:17:55 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2018-07-12 21:17:55 ----A---- C:\Windows\system32\drivers\usbohci.sys
2018-07-12 21:17:54 ----A---- C:\Windows\SYSWOW64\oleres.dll
2018-07-12 21:17:54 ----A---- C:\Windows\system32\oleres.dll
2018-07-12 21:17:53 ----A---- C:\Windows\system32\drivers\usbd.sys
2018-07-12 21:15:13 ----A---- C:\Windows\system32\appraiser.dll
2018-07-12 21:15:13 ----A---- C:\Windows\system32\aitstatic.exe
2018-07-12 21:15:12 ----A---- C:\Windows\system32\invagent.dll
2018-07-12 21:15:12 ----A---- C:\Windows\system32\generaltel.dll
2018-07-12 21:15:12 ----A---- C:\Windows\system32\devinv.dll
2018-07-12 21:15:12 ----A---- C:\Windows\system32\CompatTelRunner.exe
2018-07-12 21:15:12 ----A---- C:\Windows\system32\centel.dll
2018-07-12 21:15:12 ----A---- C:\Windows\system32\aepic.dll
2018-07-12 21:15:12 ----A---- C:\Windows\system32\aeinv.dll
2018-07-12 21:15:12 ----A---- C:\Windows\system32\acmigration.dll

======List of files/folders modified in the last 2 months======

2018-08-22 12:54:08 ----RD---- C:\Program Files
2018-08-22 12:54:07 ----D---- C:\Windows\Prefetch
2018-08-22 12:52:57 ----D---- C:\Windows\Temp
2018-08-22 12:46:25 ----D---- C:\Windows
2018-08-22 12:45:24 ----D---- C:\Windows\System32
2018-08-22 12:45:24 ----D---- C:\Windows\inf
2018-08-22 12:45:24 ----A---- C:\Windows\system32\PerfStringBackup.INI
2018-08-22 11:55:25 ----D---- C:\Windows\tracing
2018-08-21 23:08:48 ----D---- C:\Windows\system32\config
2018-08-17 07:54:25 ----D---- C:\AMICUS
2018-08-17 00:58:26 ----SHD---- C:\Windows\Installer
2018-08-17 00:58:26 ----SHD---- C:\Config.Msi
2018-08-17 00:58:18 ----D---- C:\Windows\Microsoft.NET
2018-08-16 22:11:29 ----RSD---- C:\Windows\assembly
2018-08-15 17:37:39 ----D---- C:\Windows\winsxs
2018-08-15 17:30:03 ----D---- C:\Program Files\Internet Explorer
2018-08-15 17:29:53 ----D---- C:\Program Files (x86)\Internet Explorer
2018-08-15 17:29:46 ----D---- C:\Windows\SYSWOW64\cs-CZ
2018-08-15 17:29:44 ----D---- C:\Windows\SYSWOW64\en-US
2018-08-15 17:29:41 ----D---- C:\Windows\SysWOW64
2018-08-15 17:29:23 ----D---- C:\Windows\system32\drivers
2018-08-15 17:29:23 ----D---- C:\Windows\system32\cs-CZ
2018-08-15 17:29:14 ----D---- C:\Windows\system32\en-US
2018-08-15 17:27:13 ----D---- C:\Windows\AppPatch
2018-08-15 17:26:55 ----D---- C:\Windows\system32\Boot
2018-08-15 17:26:54 ----D---- C:\Windows\system32\migration
2018-08-15 17:26:42 ----D---- C:\Windows\system32\DriverStore
2018-08-15 00:32:14 ----D---- C:\Windows\system32\MRT
2018-08-15 00:31:59 ----AC---- C:\Windows\system32\MRT.exe
2018-08-15 00:29:20 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2018-08-15 00:27:30 ----D---- C:\Windows\system32\catroot2
2018-08-15 00:25:19 ----D---- C:\Windows\system32\wdi
2018-08-14 23:55:44 ----SHD---- C:\System Volume Information
2018-08-02 23:41:53 ----D---- C:\Program Files (x86)\Java
2018-08-02 23:41:13 ----D---- C:\Program Files (x86)\Common Files
2018-08-02 23:36:50 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2018-08-02 23:25:07 ----D---- C:\Windows\system32\Tasks
2018-07-21 09:35:35 ----D---- C:\Windows\system32\appraiser
2018-07-21 09:35:00 ----D---- C:\Windows\system32\drivers\cs-CZ
2018-07-21 09:33:49 ----RSD---- C:\Windows\Fonts
2018-06-28 23:58:18 ----D---- C:\CGMSERVER
2018-06-25 23:15:43 ----SD---- C:\Users\Hela\AppData\Roaming\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [2018-08-02 201328]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswbloga.sys [2018-08-02 346664]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [2018-08-02 59592]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2018-08-02 85968]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2018-08-02 381584]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-04 408600]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2018-01-01 213736]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-07-31 834544]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2018-08-02 197160]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [2018-08-02 229392]
R1 aswHdsKe;aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [2018-08-02 239680]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2016-07-11 37144]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2018-08-02 111872]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2018-08-02 1027728]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2018-08-02 467064]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2018-08-02 159640]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2018-08-02 211160]
R3 Afc;PPdus ASPI Shell; C:\Windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
R3 ASUSVRC64;ASUSTeK Virtual Capture Device; C:\Windows\system32\DRIVERS\AsusVRC64.sys [2008-10-13 23424]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-06-25 6036480]
R3 BCM42RLY;BCM42RLY; C:\Windows\system32\drivers\BCM42RLY.sys [2009-07-17 22520]
R3 BCM43XX;Ovladač bezdrátové karty Dell WLAN; C:\Windows\system32\DRIVERS\bcmwl664.sys [2009-07-17 2769400]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver; C:\Windows\system32\DRIVERS\CtClsFlt.sys [2009-06-15 172704]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2009-05-08 215552]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt64.sys [2009-06-29 487424]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-06-25 273456]
S3 AF9035BDA;ASUS U3100 Mini Plus BDA Devices; C:\Windows\System32\Drivers\AF9035BDA.sys [2009-07-16 492008]
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys [2018-08-02 46976]
S3 dc3d;MS Hardware Device Detection Driver; C:\Windows\system32\DRIVERS\dc3d.sys [2009-03-23 20992]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 29696]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-12-15 117248]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 114304]
S3 mvusbews;USB EWS Device; C:\Windows\System32\Drivers\mvusbews.sys [2010-03-06 20480]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2018-03-21 83984]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-06-25 203264]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2018-08-02 322464]
R2 CGM.AMISRV;CGM.AMISRV; C:\AMICUS\server\cgm.amisrv.exe [2017-06-09 26720]
R2 cgm.ebooking-1;cgm.ebooking-1; C:\CGMSERVER\bin\ebooking-1\cgm.ebooking-1.exe [2018-03-21 36704]
R2 cgm.ecommunication-1;cgm.ecommunication-1; C:\CGMSERVER\bin\ecommunication-1\cgm.ecommunication-1.exe [2018-01-16 88328]
R2 cgm.etrzby-1;cgm.etrzby-1; C:\CGMSERVER\bin\etrzby-1\cgm.etrzby-1.exe [2017-07-26 22112]
R2 cgm.postgres;cgm.postgres; C:/CGMSERVER/bin/pgsql/bin/pg_ctl.exe runservice -N cgm.postgres -D C:/CGMSERVER/data/pgsql []
R2 cgm.servercore;cgm.servercore; C:\CGMSERVER\bin\core\cgm.servercore.exe [2016-12-15 51200]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 HCS.MEDCONNECT.SERVICEMANAGER;HCS.MEDCONNECT.SERVICEMANAGER; C:\CGMSERVER\bin\medical-net\MedConnect.ServiceManager\HCS.MedConnect.ServiceManager.exe [2016-11-03 91648]
R2 HPSIService;HP SI Service; C:\Windows\system32\HPSIsvc.exe [2010-04-07 127800]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-05 354840]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe [2009-06-29 240128]
R2 TeamViewer;TeamViewer 10; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-08-07 5611280]
R2 wltrysvc;Dell Wireless WLAN Tray Service; C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE [2009-07-17 33280]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\Alwil Software\Avast5\x64\aswidsagenta.exe [2018-08-02 7780400]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2018-03-26 107592]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2018-03-26 128584]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-09 271864]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-02-27 194032]
S3 HCS.MedConnect.Service;HCS.MedConnect.Service; C:\CGMSERVER\bin\medical-net\MedConnect\HCS.MedConnect.Service.exe [2016-11-03 46080]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2018-07-19 116224]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-09-11 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2018-03-26 52832]
S4 avast! Firewall;avast! Firewall; C:\Program Files\Alwil Software\Avast5\afwServ.exe []
S4 HP LaserJet Service;HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe []
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]

-----------------EOF-----------------





Thank you very much
Milan

Re: CPU load at 60 - 100%

Posted: 22 Aug 2018 14:24
by Rudy
Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking "I agree"
right-click the AdwCleaner icon and choose "Run as administrator" (on Win XP, just launch it with a double-click)
click "Scan now", then "Clean and Repair"
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply

Re: CPU load at 60 - 100%

Posted: 22 Aug 2018 14:44
by milanstransky77
Hello, thank you for the reply and the help.
I am sending the log:


# -------------------------------
# Malwarebytes AdwCleaner 7.2.2.0
# -------------------------------
# Build: 07-17-2018
# Database: 2018-07-12.1
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 08-22-2018
# Duration: 00:00:06
# OS: Windows 7 Home Premium
# Cleaned: 126
# Failed: 1


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\Hela\AppData\Local\Temp\APN-Stub
Deleted C:\Users\Hela\AppData\LocalLow\AskToolbar
Deleted C:\ProgramData\Ask
Deleted C:\Program Files (x86)\Crawler
Deleted C:\Users\Hela\AppData\Local\Temp\Iminent
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inbox Toolbar
Deleted C:\Users\Hela\AppData\LocalLow\Inbox Toolbar
Deleted C:\Program Files (x86)\MapsGalaxy_39
Deleted C:\Users\Hela\AppData\Local\MapsGalaxy_39
Deleted C:\Users\Hela\AppData\LocalLow\MapsGalaxy_39
Deleted C:\Users\Hela\AppData\Local\Temp\APNLogs
Deleted C:\Program Files (x86)\DAEMON Tools Toolbar
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiteRanker
Deleted C:\Program Files (x86)\SiteRanker
Deleted C:\Users\Hela\AppData\LocalLow\SiteRanker
Deleted C:\Users\Hela\AppData\Local\iac

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crawler lišta\Více produktů Crawler.lnk
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crawler lišta\Nápověda pro lištu.lnk

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\www.myway.cz
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\myway.cz
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\myway.com
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\easypdfcombine.dl.myway.com
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MapsGalaxy_39bar Uninstall Internet Explorer
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MapsGalaxy_39bar Uninstall Firefox
Deleted HKLM\Software\Wow6432Node\MozillaPlugins\@MapsGalaxy_39.com\Plugin
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e1f80eb5-8af4-410d-87c1-4f3e2776822a}
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ae0f4663-eae3-437f-be60-9ec9b745dbfa}
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9193e23b-4182-493f-a38e-682307a7c463}
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{79e57afa-bc05-4636-9457-fbc0abb3576b}
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6818868a-1b3d-4e35-a561-fa964a96cd3b}
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1241cebd-9777-4bc6-aae5-2a77e25db246}
Deleted HKLM\Software\Wow6432Node\Iminent
Deleted HKCU\Software\Inbox Toolbar
Deleted HKLM\Software\Wow6432Node\Inbox Toolbar
Deleted HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\SiteRanker
Deleted HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\POPUPTV
Deleted HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\IAAnotif
Deleted HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\QuickSet
Deleted HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\ArcSoft Connection Service
Deleted HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\SysTrayApp
Deleted HKCU\Software\YahooPartnerToolbar
Deleted HKCU\Software\SiteRanker
Deleted HKCU\Software\dt soft\daemon tools toolbar
Deleted HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-805495145-1528663485-3273650491-1000\Software\CToolbar
Deleted HKCU\Software\CToolbar
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\CToolbar_UNINSTALL
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}_is1
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\Crawler
Deleted HKLM\Software\Wow6432Node\Classes\protocols\handler\inbox
Deleted HKLM\SOFTWARE\Classes\protocols\handler\inbox
Deleted HKCU\Software\Microsoft\Internet Explorer\MenuExt\Crawler Search
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FBF1B8D2-9A06-4174-A8B5-E38606DDB92B}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{E9BBD270-4B87-4EE2-912F-6635674986C0}
Deleted HKLM\Software\Classes\Interface\{E9BBD270-4B87-4EE2-912F-6635674986C0}
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{E79BB61D-7F1A-41DF-8AD0-402795E3B566}
Deleted HKLM\Software\Classes\TypeLib\{E79BB61D-7F1A-41DF-8AD0-402795E3B566}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{CE057E0D-2D7E-4DFF-A890-07BA69B8C762}
Deleted HKLM\Software\Classes\Interface\{CE057E0D-2D7E-4DFF-A890-07BA69B8C762}
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{CBEF8724-D080-4737-88DA-111EEC6651AA}
Deleted HKLM\Software\Classes\TypeLib\{CBEF8724-D080-4737-88DA-111EEC6651AA}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{B3BA5582-79A9-464D-A7FA-711C5888C6E9}
Deleted HKLM\Software\Classes\Interface\{B3BA5582-79A9-464D-A7FA-711C5888C6E9}
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{8F0B76E1-4E46-427B-B55B-B90593468AC6}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8F0B76E1-4E46-427B-B55B-B90593468AC6}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{8736C681-37A0-40C6-A0F0-4C083409151C}
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7459F1D0-9FB6-4D71-AA7B-9DECB34EB704}
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{615E8AA1-6BB8-4A3D-A1CC-373194DB612C}
Deleted HKLM\Software\Classes\TypeLib\{615E8AA1-6BB8-4A3D-A1CC-373194DB612C}
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{612AD33D-9824-4E87-8396-92374E91C4BB}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{612AD33D-9824-4E87-8396-92374E91C4BB}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{604EA016-1EDE-41E6-A23E-76CF8F2A4808}
Deleted HKLM\Software\Classes\Interface\{604EA016-1EDE-41E6-A23E-76CF8F2A4808}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{54ECA872-DB2A-4C6B-BBB2-F3777C6786CC}
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{506F578A-91E1-46CE-830F-E2F4268E9966}
Deleted HKLM\Software\Classes\TypeLib\{506F578A-91E1-46CE-830F-E2F4268E9966}
Deleted HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{41349826-5C7F-4BF0-8279-5DAF1DE6E9AE}
Deleted HKLM\Software\Classes\Interface\{41349826-5C7F-4BF0-8279-5DAF1DE6E9AE}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{37540F19-DD4C-478B-B2DF-C19281BCAF27}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{33119133-0854-469D-807A-171568457991}
Deleted HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{32099AAC-C132-4136-9E9A-4E364A424E17}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{28C3737A-32D1-492D-B76B-8D75EBBFB887}
Deleted HKLM\Software\Classes\Interface\{28C3737A-32D1-492D-B76B-8D75EBBFB887}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Deleted HKLM\Software\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{1DDA201E-5B42-4352-933E-21A92B297E3B}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{183643C8-EE67-4574-9A38-927852E34163}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{13119113-0854-469D-807A-171568457991}
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B6}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{042DA63B-0933-403D-9395-B49307691690}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{042DA63B-0933-403D-9395-B49307691690}
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{03119103-0854-469D-807A-171568457991}
Deleted HKLM\Software\Classes\TypeLib\{03119103-0854-469D-807A-171568457991}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{01C78433-6FDF-4E5A-A82D-B535C32E03DF}
Deleted HKLM\Software\Classes\Interface\{01C78433-6FDF-4E5A-A82D-B535C32E03DF}
Not Deleted HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Deleted HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}
Deleted HKLM\Software\Classes\ctbcommon.Buttons
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\staticimgfarm.com
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\ak.staticimgfarm.com
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\wlogin.icq.com
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\icq.com
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.pestryjidelnicek.cz
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.govenice.com
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.akcniceny.cz
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\pestryjidelnicek.cz
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\newvenicetravel.com
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\govenice.com
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\akcniceny.cz
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\easypdfcombine.dl.tb.ask.com
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\ask.com
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{08114685-3B2D-4E7D-8635-FD8B6A7D958C}
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Search|CustomizeSearch
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Search|SearchAssistant
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main|CustomizeSearch
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main|SearchAssistant
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{b0441a0e-a49a-4e16-afc1-74ecced1921f}
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{b0441a0e-a49a-4e16-afc1-74ecced1921f}
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\softonic.de

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [15016 octets] - [22/08/2018 13:32:02]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Re: CPU load at 60 - 100%

Posted: 22 Aug 2018 15:00
by Rudy
Post a new FRST log.

Re: CPU load at 60 - 100%

Posted: 22 Aug 2018 15:06
by milanstransky77
Hello,
here it is.


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19.08.2018 02
Ran by Hela (administrator) on HELA-PC (22-08-2018 14:03:57)
Running from C:\Users\Hela\Desktop\_util
Loaded Profiles: Hela (Available Profiles: Hela)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\stacsv64.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Dell Inc.) C:\Program Files\Dell\Dell Wireless WLAN Card\BCMWLTRY.EXE
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(PostgreSQL Global Development Group) C:\CGMSERVER\bin\pgsql\bin\pg_ctl.exe
(CGM) C:\CGMSERVER\bin\core\cgm.servercore.exe
(PostgreSQL Global Development Group) C:\CGMSERVER\bin\pgsql\bin\postgres.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(PostgreSQL Global Development Group) C:\CGMSERVER\bin\pgsql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\CGMSERVER\bin\pgsql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\CGMSERVER\bin\pgsql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\CGMSERVER\bin\pgsql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\CGMSERVER\bin\pgsql\bin\postgres.exe
() C:\AMICUS\server\cgm.amisrv.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Oracle Corporation) C:\CGMSERVER\jre\bin\java.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\x64\aswidsagenta.exe
(Microsoft) C:\CGMSERVER\bin\ebooking-1\cgm.ebooking-1.exe
(PostgreSQL Global Development Group) C:\CGMSERVER\bin\pgsql\bin\postgres.exe
(CompuGroup Medical Česká republika s.r.o.) C:\CGMSERVER\bin\ecommunication-1\cgm.ecommunication-1.exe
(CompuGroup Medical Česká republika s.r.o.) C:\CGMSERVER\bin\etrzby-1\cgm.etrzby-1.exe
(PostgreSQL Global Development Group) C:\CGMSERVER\bin\pgsql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\CGMSERVER\bin\pgsql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\CGMSERVER\bin\pgsql\bin\postgres.exe
(HCS GmbH) C:\CGMSERVER\bin\medical-net\MedConnect.ServiceManager\HCS.MedConnect.ServiceManager.exe
(PostgreSQL Global Development Group) C:\CGMSERVER\bin\pgsql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\CGMSERVER\bin\pgsql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\CGMSERVER\bin\pgsql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\CGMSERVER\bin\pgsql\bin\postgres.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Microsoft Corporation) C:\Windows\System32\Magnify.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvLaunch.exe [242904 2018-08-02] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-07-07] (Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-805495145-1528663485-3273650491-1000\...\MountPoints2: F - F:\SISetup.exe
HKU\S-1-5-21-805495145-1528663485-3273650491-1000\...\MountPoints2: {b47727f0-bd85-11df-94d7-0025647f2cb2} - F:\AutoRun.exe
HKU\S-1-5-21-805495145-1528663485-3273650491-1000\...\MountPoints2: {ce03bd47-09cd-11e0-8b92-0025647f2cb2} - G:\SISetup.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.254
Tcpip\..\Interfaces\{27BE130C-D1BB-4C85-8E2F-1E1694A2B358}: [DhcpNameServer] 192.168.2.254
Tcpip\..\Interfaces\{AC03F184-A9DD-4D2E-88CA-FF0408DB8D94}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/?clid=22668
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-805495145-1528663485-3273650491-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKU\S-1-5-21-805495145-1528663485-3273650491-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/?clid=22668
URLSearchHook: HKU\S-1-5-21-805495145-1528663485-3273650491-1000 - (No Name) - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - No File
URLSearchHook: HKU\S-1-5-21-805495145-1528663485-3273650491-1000 - (No Name) - {26842a09-ffa8-4e2c-ae12-0c80f01c3295} - C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39SrcAs.dll No File
SearchScopes: HKLM -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKLM -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKLM-x32 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM-x32 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-805495145-1528663485-3273650491-1000 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-805495145-1528663485-3273650491-1000 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2018-08-02] (AVAST Software)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-28] (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll => No File
BHO-x32: No Name -> {71c1d63a-c944-428a-a5bd-ba513190e5d2} -> No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\ssv.dll [2018-08-02] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2018-08-02] (AVAST Software)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-28] (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-08-02] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-28] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-28] (Google Inc.)
Toolbar: HKU\S-1-5-21-805495145-1528663485-3273650491-1000 -> No Name - {364EA597-E728-4CE4-BB4A-ED846EF47970} - No File
Toolbar: HKU\S-1-5-21-805495145-1528663485-3273650491-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-28] (Google Inc.)
DPF: HKLM {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-08-02] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-08-02] (Oracle Corporation)
FF Plugin-x32: @MapsGalaxy_39.com/Plugin -> C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\NP39Stub.dll [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Hela\AppData\Local\Google\Chrome\User Data\Default [2018-08-21]
CHR Extension: (Avast SafePrice) - C:\Users\Hela\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-08-16]
CHR Extension: (Avast Online Security) - C:\Users\Hela\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-05-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Hela\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-18]
CHR Extension: (Chrome Media Router) - C:\Users\Hela\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-16]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R3 aswbIDSAgent; C:\Program Files\Alwil Software\Avast5\x64\aswidsagenta.exe [7780400 2018-08-02] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [322464 2018-08-02] (AVAST Software)
R2 CGM.AMISRV; C:\AMICUS\server\cgm.amisrv.exe [26720 2017-06-09] () [File not signed]
R2 cgm.ebooking-1; C:\CGMSERVER\bin\ebooking-1\cgm.ebooking-1.exe [36704 2018-03-21] (Microsoft)
R2 cgm.ecommunication-1; C:\CGMSERVER\bin\ecommunication-1\cgm.ecommunication-1.exe [88328 2018-01-16] (CompuGroup Medical Česká republika s.r.o.)
R2 cgm.etrzby-1; C:\CGMSERVER\bin\etrzby-1\cgm.etrzby-1.exe [22112 2017-07-26] (CompuGroup Medical Česká republika s.r.o.) [File not signed]
R2 cgm.servercore; C:\CGMSERVER\bin\core\cgm.servercore.exe [51200 2016-12-15] (CGM) [File not signed]
S3 HCS.MedConnect.Service; C:\CGMSERVER\bin\medical-net\MedConnect\HCS.MedConnect.Service.exe [46080 2016-11-03] (HCS GmbH) [File not signed]
R2 HCS.MEDCONNECT.SERVICEMANAGER; C:\CGMSERVER\bin\medical-net\MedConnect.ServiceManager\HCS.MedConnect.ServiceManager.exe [91648 2016-11-03] (HCS GmbH) [File not signed]
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe [240128 2009-06-29] (IDT, Inc.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5611280 2015-08-07] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe [3417088 2009-07-17] (Dell Inc.) [File not signed]
U4 avast! Firewall; "C:\Program Files\Alwil Software\Avast5\afwServ.exe" [X]
R2 cgm.postgres; C:/CGMSERVER/bin/pgsql/bin/pg_ctl.exe runservice -N "cgm.postgres" -D "C:/CGMSERVER/data/pgsql" [X]
S4 HP LaserJet Service; "C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AF9035BDA; C:\Windows\System32\Drivers\AF9035BDA.sys [492008 2009-07-16] (AfaTech )
R3 ASUSVRC64; C:\Windows\System32\DRIVERS\AsusVRC64.sys [23424 2008-10-13] (ASUSTeK COMPUTER INC.)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [197160 2018-08-02] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [229392 2018-08-02] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [201328 2018-08-02] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [346664 2018-08-02] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [59592 2018-08-02] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [239680 2018-08-02] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46976 2018-08-02] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-07-11] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [159640 2018-08-02] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111872 2018-08-02] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [85968 2018-08-02] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1027728 2018-08-02] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [467064 2018-08-02] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [211160 2018-08-02] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [381584 2018-08-02] (AVAST Software)
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [243200 2009-12-15] (Huawei Technologies Co., Ltd.)
S3 Huawei; C:\Windows\System32\DRIVERS\ewdcsc.sys [29696 2009-12-15] (Huawei Tech. Co., Ltd.)
S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [114304 2009-12-15] (Huawei Technologies Co., Ltd.)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2010-03-06] (Marvell Semiconductor, Inc.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-07-31] ()

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-08-22 13:28 - 2018-08-22 13:34 - 000000000 ____D C:\AdwCleaner
2018-08-22 12:54 - 2018-08-22 12:54 - 000000000 ____D C:\rsit
2018-08-22 12:54 - 2018-08-22 12:54 - 000000000 ____D C:\Program Files\trend micro
2018-08-22 12:43 - 2018-08-22 14:03 - 000000000 ____D C:\FRST
2018-08-22 12:42 - 2018-08-22 14:03 - 000000000 ____D C:\Users\Hela\Desktop\_util
2018-08-20 20:11 - 2018-08-20 20:11 - 000002257 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-08-14 23:23 - 2018-08-03 17:55 - 000109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2018-08-14 23:23 - 2018-08-03 17:39 - 000084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2018-08-14 23:23 - 2018-08-02 05:20 - 000708272 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-08-14 23:23 - 2018-08-02 05:18 - 000096864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-08-14 23:23 - 2018-08-02 05:07 - 000263776 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-08-14 23:23 - 2018-08-02 05:06 - 000156256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-08-14 23:23 - 2018-08-02 05:05 - 005553760 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-08-14 23:23 - 2018-08-02 05:02 - 001665320 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-08-14 23:23 - 2018-08-02 05:00 - 000633080 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-08-14 23:23 - 2018-08-02 04:59 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-08-14 23:23 - 2018-08-02 04:59 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-08-14 23:23 - 2018-08-02 04:59 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-08-14 23:23 - 2018-08-02 04:59 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-08-14 23:23 - 2018-08-02 04:59 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-08-14 23:23 - 2018-08-02 04:59 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-08-14 23:23 - 2018-08-02 04:59 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-08-14 23:23 - 2018-08-02 04:59 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-08-14 23:23 - 2018-08-02 04:59 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-08-14 23:23 - 2018-08-02 04:59 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-08-14 23:23 - 2018-08-02 04:59 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-08-14 23:23 - 2018-08-02 04:59 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-08-14 23:23 - 2018-08-02 04:59 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-08-14 23:23 - 2018-08-02 04:59 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-08-14 23:23 - 2018-08-02 04:59 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-08-14 23:23 - 2018-08-02 04:59 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-08-14 23:23 - 2018-08-02 04:59 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-08-14 23:23 - 2018-08-02 04:59 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-08-14 23:23 - 2018-08-02 04:59 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-08-14 23:23 - 2018-08-02 04:59 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-08-14 23:23 - 2018-08-02 04:58 - 001461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-08-14 23:23 - 2018-08-02 04:58 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-08-14 23:23 - 2018-08-02 04:58 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-08-14 23:23 - 2018-08-02 04:58 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-08-14 23:23 - 2018-08-02 04:58 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-08-14 23:23 - 2018-08-02 04:58 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-08-14 23:23 - 2018-08-02 04:58 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-08-14 23:23 - 2018-08-02 04:58 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-08-14 23:23 - 2018-08-02 04:57 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-08-14 23:23 - 2018-08-02 04:57 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-08-14 23:23 - 2018-08-02 04:57 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-08-14 23:23 - 2018-08-02 04:57 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-08-14 23:23 - 2018-08-02 04:57 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-08-14 23:23 - 2018-08-02 04:57 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-08-14 23:23 - 2018-08-02 04:57 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:57 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:57 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:57 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:45 - 004054192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-08-14 23:23 - 2018-08-02 04:45 - 003959984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-08-14 23:23 - 2018-08-02 04:43 - 001315512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-08-14 23:23 - 2018-08-02 04:42 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-08-14 23:23 - 2018-08-02 04:42 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-08-14 23:23 - 2018-08-02 04:42 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-08-14 23:23 - 2018-08-02 04:42 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-08-14 23:23 - 2018-08-02 04:42 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-08-14 23:23 - 2018-08-02 04:42 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-08-14 23:23 - 2018-08-02 04:41 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-08-14 23:23 - 2018-08-02 04:41 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-08-14 23:23 - 2018-08-02 04:41 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-08-14 23:23 - 2018-08-02 04:41 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-08-14 23:23 - 2018-08-02 04:41 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-08-14 23:23 - 2018-08-02 04:41 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-08-14 23:23 - 2018-08-02 04:41 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-08-14 23:23 - 2018-08-02 04:41 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-08-14 23:23 - 2018-08-02 04:41 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-08-14 23:23 - 2018-08-02 04:41 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-08-14 23:23 - 2018-08-02 04:41 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-08-14 23:23 - 2018-08-02 04:40 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-08-14 23:23 - 2018-08-02 04:40 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-08-14 23:23 - 2018-08-02 04:40 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-08-14 23:23 - 2018-08-02 04:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-08-14 23:23 - 2018-08-02 04:40 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-08-14 23:23 - 2018-08-02 04:40 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-08-14 23:23 - 2018-08-02 04:40 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:40 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:26 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-08-14 23:23 - 2018-08-02 04:26 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-08-14 23:23 - 2018-08-02 04:26 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-08-14 23:23 - 2018-08-02 04:25 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-08-14 23:23 - 2018-08-02 04:22 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-08-14 23:23 - 2018-08-02 04:21 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-08-14 23:23 - 2018-08-02 04:21 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2018-08-14 23:23 - 2018-08-02 04:17 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-08-14 23:23 - 2018-08-02 04:17 - 000160256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-08-14 23:23 - 2018-08-02 04:17 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-08-14 23:23 - 2018-08-02 04:16 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-08-14 23:23 - 2018-08-02 04:16 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2018-08-14 23:23 - 2018-08-02 04:16 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2018-08-14 23:23 - 2018-08-02 04:16 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2018-08-14 23:23 - 2018-08-02 04:16 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2018-08-14 23:23 - 2018-08-02 04:16 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-08-14 23:23 - 2018-08-02 04:16 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-08-14 23:23 - 2018-08-02 04:11 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-08-14 23:23 - 2018-08-02 04:11 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-08-14 23:23 - 2018-08-02 04:11 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-08-14 23:23 - 2018-08-02 04:11 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-08-14 23:23 - 2018-08-02 04:10 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-08-14 23:23 - 2018-08-02 04:10 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:10 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-08-14 23:23 - 2018-08-02 04:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-08-14 23:23 - 2018-07-20 01:53 - 000396936 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-08-14 23:23 - 2018-07-20 00:58 - 000350272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-08-14 23:23 - 2018-07-19 08:15 - 025745408 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-08-14 23:23 - 2018-07-19 06:48 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-08-14 23:23 - 2018-07-19 06:47 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-08-14 23:23 - 2018-07-19 06:35 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-08-14 23:23 - 2018-07-19 06:34 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-08-14 23:23 - 2018-07-19 06:33 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-08-14 23:23 - 2018-07-19 06:33 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-08-14 23:23 - 2018-07-19 06:33 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-08-14 23:23 - 2018-07-19 06:32 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-08-14 23:23 - 2018-07-19 06:30 - 005778432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-08-14 23:23 - 2018-07-19 06:26 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-08-14 23:23 - 2018-07-19 06:25 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-08-14 23:23 - 2018-07-19 06:23 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-08-14 23:23 - 2018-07-19 06:22 - 020286464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-08-14 23:23 - 2018-07-19 06:22 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-08-14 23:23 - 2018-07-19 06:22 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-08-14 23:23 - 2018-07-19 06:22 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-08-14 23:23 - 2018-07-19 06:21 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-08-14 23:23 - 2018-07-19 06:16 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2018-08-14 23:23 - 2018-07-19 06:14 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-08-14 23:23 - 2018-07-19 06:11 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-08-14 23:23 - 2018-07-19 06:05 - 000497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-08-14 23:23 - 2018-07-19 06:05 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-08-14 23:23 - 2018-07-19 06:04 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-08-14 23:23 - 2018-07-19 06:04 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-08-14 23:23 - 2018-07-19 06:04 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-08-14 23:23 - 2018-07-19 06:04 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2018-08-14 23:23 - 2018-07-19 06:03 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-08-14 23:23 - 2018-07-19 06:03 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-08-14 23:23 - 2018-07-19 06:01 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-08-14 23:23 - 2018-07-19 06:00 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-08-14 23:23 - 2018-07-19 06:00 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-08-14 23:23 - 2018-07-19 05:58 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-08-14 23:23 - 2018-07-19 05:58 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-08-14 23:23 - 2018-07-19 05:57 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-08-14 23:23 - 2018-07-19 05:56 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-08-14 23:23 - 2018-07-19 05:56 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-08-14 23:23 - 2018-07-19 05:55 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-08-14 23:23 - 2018-07-19 05:55 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-08-14 23:23 - 2018-07-19 05:54 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-08-14 23:23 - 2018-07-19 05:47 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-08-14 23:23 - 2018-07-19 05:46 - 015283712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-08-14 23:23 - 2018-07-19 05:46 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-08-14 23:23 - 2018-07-19 05:45 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-08-14 23:23 - 2018-07-19 05:45 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-08-14 23:23 - 2018-07-19 05:43 - 002136064 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-08-14 23:23 - 2018-07-19 05:43 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-08-14 23:23 - 2018-07-19 05:42 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-08-14 23:23 - 2018-07-19 05:41 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-08-14 23:23 - 2018-07-19 05:41 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-08-14 23:23 - 2018-07-19 05:39 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-08-14 23:23 - 2018-07-19 05:38 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-08-14 23:23 - 2018-07-19 05:37 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-08-14 23:23 - 2018-07-19 05:35 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-08-14 23:23 - 2018-07-19 05:32 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-08-14 23:23 - 2018-07-19 05:31 - 004510720 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-08-14 23:23 - 2018-07-19 05:30 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-08-14 23:23 - 2018-07-19 05:28 - 013679616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-08-14 23:23 - 2018-07-19 05:28 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-08-14 23:23 - 2018-07-19 05:28 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-08-14 23:23 - 2018-07-19 05:27 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2018-08-14 23:23 - 2018-07-19 05:20 - 001554944 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-08-14 23:23 - 2018-07-19 05:09 - 004037632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-08-14 23:23 - 2018-07-19 05:09 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-08-14 23:23 - 2018-07-19 05:06 - 001329152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-08-14 23:23 - 2018-07-19 05:04 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-08-14 23:23 - 2018-07-13 21:19 - 001894080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2018-08-14 23:23 - 2018-07-13 21:19 - 000377024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2018-08-14 23:23 - 2018-07-13 21:19 - 000287936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2018-08-14 23:23 - 2018-07-08 18:08 - 000383680 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2018-08-14 23:23 - 2018-07-08 18:02 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2018-08-14 23:23 - 2018-07-08 18:02 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-08-14 23:23 - 2018-07-08 18:02 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2018-08-14 23:23 - 2018-07-08 18:01 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2018-08-14 23:23 - 2018-07-08 18:01 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2018-08-14 23:23 - 2018-07-08 17:47 - 000309440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2018-08-14 23:23 - 2018-07-08 17:42 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2018-08-14 23:23 - 2018-07-08 17:42 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2018-08-14 23:23 - 2018-07-08 17:41 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2018-08-14 23:23 - 2018-07-08 17:41 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2018-08-14 23:23 - 2018-07-08 17:13 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2018-08-14 23:23 - 2018-07-07 17:24 - 003226112 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-08-14 23:23 - 2018-07-06 18:09 - 000947904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2018-08-14 23:23 - 2018-07-06 18:03 - 000056832 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2018-08-14 23:23 - 2018-07-06 18:03 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2018-08-14 23:23 - 2018-07-06 17:48 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2018-08-14 23:23 - 2018-07-06 17:48 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2018-08-14 23:23 - 2018-06-29 17:55 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\cscapi.dll
2018-08-14 23:23 - 2018-06-29 17:55 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\cscdll.dll
2018-08-14 23:23 - 2018-06-29 17:40 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscdll.dll
2018-08-14 23:23 - 2018-06-29 17:09 - 000034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscapi.dll
2018-08-14 23:23 - 2018-06-27 18:01 - 000114368 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2018-08-14 23:23 - 2018-06-27 17:55 - 003246592 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2018-08-14 23:23 - 2018-06-27 17:55 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2018-08-14 23:23 - 2018-06-27 17:55 - 000484864 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2018-08-14 23:23 - 2018-06-27 17:55 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2018-08-14 23:23 - 2018-06-27 17:54 - 001942016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2018-08-14 23:23 - 2018-06-27 17:54 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2018-08-14 23:23 - 2018-06-27 17:43 - 000363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2018-08-14 23:23 - 2018-06-27 17:42 - 002366464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2018-08-14 23:23 - 2018-06-27 17:42 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2018-08-14 23:23 - 2018-06-27 17:42 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2018-08-14 23:23 - 2018-06-27 17:41 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2018-08-14 23:23 - 2018-06-27 17:21 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2018-08-14 23:23 - 2018-06-27 17:16 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2018-08-14 23:23 - 2018-06-21 05:33 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2018-08-14 23:23 - 2018-06-21 05:09 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2018-08-02 23:29 - 2018-08-02 23:53 - 000000000 ____D C:\Users\Hela\AppData\Local\AVAST Software
2018-08-02 23:25 - 2018-08-02 23:23 - 000239680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2018-08-02 23:24 - 2018-08-02 23:24 - 000378072 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2018-08-02 20:05 - 2018-08-02 20:05 - 000088871 _____ C:\Users\Hela\Downloads\T101.pdf
2018-08-02 20:03 - 2018-08-02 20:03 - 000161338 _____ C:\Users\Hela\Downloads\E101 (1).pdf
2018-08-02 20:02 - 2018-08-02 20:02 - 000985935 _____ C:\Users\Hela\Downloads\E101 (2).fo

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-08-22 13:47 - 2009-07-14 06:45 - 000022464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-08-22 13:47 - 2009-07-14 06:45 - 000022464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-08-22 13:35 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-08-22 12:45 - 2009-07-14 17:18 - 000672386 _____ C:\Windows\system32\perfh005.dat
2018-08-22 12:45 - 2009-07-14 17:18 - 000142950 _____ C:\Windows\system32\perfc005.dat
2018-08-22 12:45 - 2009-07-14 07:13 - 001593214 _____ C:\Windows\system32\PerfStringBackup.INI
2018-08-22 12:45 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2018-08-22 11:55 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\tracing
2018-08-20 20:11 - 2010-11-24 18:18 - 000002298 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-08-17 07:54 - 2010-12-03 15:37 - 000000000 ____D C:\AMICUS
2018-08-16 18:51 - 2009-07-14 07:08 - 000032638 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2018-08-15 17:49 - 2010-11-24 18:16 - 000000000 ____D C:\Users\Hela\AppData\Local\Google
2018-08-15 17:34 - 2009-07-14 06:45 - 000422248 _____ C:\Windows\system32\FNTCACHE.DAT
2018-08-15 00:32 - 2013-08-15 22:39 - 000000000 ____D C:\Windows\system32\MRT
2018-08-15 00:31 - 2010-11-24 17:20 - 137343192 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-08-15 00:29 - 2011-08-18 23:10 - 001568864 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2018-08-14 22:50 - 2015-09-08 20:20 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-08-02 23:41 - 2017-11-15 22:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-08-02 23:41 - 2017-11-15 22:37 - 000000000 ____D C:\Program Files (x86)\Java
2018-08-02 23:39 - 2018-07-21 23:00 - 000000000 _____ C:\Windows\SysWOW64\last.dump
2018-08-02 23:36 - 2017-11-15 22:50 - 000098680 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2018-08-02 23:25 - 2017-11-15 23:03 - 000003912 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-08-02 23:25 - 2010-11-24 18:16 - 000467064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-08-02 23:24 - 2017-11-15 23:03 - 000197160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-08-02 23:24 - 2015-08-19 19:49 - 000211160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-08-02 23:24 - 2015-08-19 19:49 - 000046976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2018-08-02 23:24 - 2015-08-19 19:42 - 000381584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-08-02 23:24 - 2015-08-19 19:42 - 000111872 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-08-02 23:24 - 2015-08-19 19:42 - 000085968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-08-02 23:24 - 2010-11-24 18:16 - 000159640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-08-02 23:23 - 2017-11-15 23:03 - 000346664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbloga.sys
2018-08-02 23:23 - 2017-11-15 23:03 - 000229392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2018-08-02 23:23 - 2017-11-15 23:03 - 000201328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsha.sys
2018-08-02 23:23 - 2017-11-15 23:03 - 000059592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniva.sys
2018-08-02 23:23 - 2011-06-12 16:30 - 001027728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys

==================== Files in the root of some directories =======

2010-10-06 19:52 - 2010-10-06 19:52 - 000008297 _____ () C:\Users\Hela\AppData\Roaming\UserTile.png

Some files in TEMP:
====================
2018-07-04 17:47 - 2018-07-02 15:53 - 019799056 _____ (CompuGroup Medical Česká republika s.r.o.) C:\Users\Hela\AppData\Local\Temp\086b5047-ddb8-40a2-8cf1-e64b24038a64ar.dll
2017-08-20 13:18 - 2017-08-15 12:15 - 012968032 _____ (CompuGroup Medical Česká republika s.r.o.) C:\Users\Hela\AppData\Local\Temp\0a002710-f35e-45e3-9d34-2a6ba2e17483ar.dll
2018-03-02 07:50 - 2018-01-22 13:34 - 016475568 _____ (CompuGroup Medical Česká republika s.r.o.) C:\Users\Hela\AppData\Local\Temp\15e142f3-5e0f-448e-8645-a140a77f2e06ar.dll
2016-05-03 20:11 - 2016-01-20 09:29 - 011145312 _____ (CompuGroup Medical Česká republika s.r.o.) C:\Users\Hela\AppData\Local\Temp\172c9989-4172-4564-8346-02d05a04dbb8ar.dll
2017-05-25 23:14 - 2017-04-11 08:54 - 010308192 _____ (CompuGroup Medical Česká republika s.r.o.) C:\Users\Hela\AppData\Local\Temp\20378361-3352-4f95-90f1-ac9065f259e5ar.dll
2017-08-20 13:01 - 2017-08-15 12:15 - 012968032 _____ (CompuGroup Medical Česká republika s.r.o.) C:\Users\Hela\AppData\Local\Temp\2e840a69-8dde-4b4d-a73e-f77b8e48a493ar.dll
2015-08-04 21:46 - 2015-07-17 15:59 - 008703376 _____ (CompuGroup Medical Česká republika s.r.o.) C:\Users\Hela\AppData\Local\Temp\32fbc9ca-f9bf-480d-a5df-6b8d0ab3a77ear.dll
2017-03-20 22:11 - 2017-02-13 10:53 - 014016608 _____ (CompuGroup Medical Česká republika s.r.o.) C:\Users\Hela\AppData\Local\Temp\50799959-8736-4be2-b357-0c6da03a8314ar.dll
2016-10-14 20:50 - 2016-09-19 12:43 - 016367712 _____ (CompuGroup Medical Česká republika s.r.o.) C:\Users\Hela\AppData\Local\Temp\55511b90-87ed-40f2-9a32-66a395c4dfcfar.dll
2018-03-15 20:55 - 2018-02-09 11:35 - 017061904 _____ (CompuGroup Medical Česká republika s.r.o.) C:\Users\Hela\AppData\Local\Temp\5bbed4ab-3d9a-4cfc-b9a1-ace565dae47aar.dll
2015-12-08 15:54 - 2015-11-13 09:31 - 011089808 _____ (CompuGroup Medical Česká republika s.r.o.) C:\Users\Hela\AppData\Local\Temp\60d5150d-0194-49e6-abc5-e5cf87759489ar.dll
2016-05-03 22:50 - 2016-01-20 09:29 - 011145312 _____ (CompuGroup Medical Česká republika s.r.o.) C:\Users\Hela\AppData\Local\Temp\6399b795-414e-451b-9c6c-3b8ce63eaf1aar.dll
2017-10-14 22:22 - 2017-10-10 10:38 - 014925920 _____ (CompuGroup Medical Česká republika s.r.o.) C:\Users\Hela\AppData\Local\Temp\65e1bf41-419b-42bc-80bb-edc53624fff3ar.dll
2015-10-06 17:39 - 2015-09-18 09:07 - 007327120 _____ (CompuGroup Medical Česká republika s.r.o.) C:\Users\Hela\AppData\Local\Temp\952b0a93-eaed-4528-be21-95addd860582ar.dll
2017-10-10 22:58 - 2017-08-15 12:15 - 012968032 _____ (CompuGroup Medical Česká republika s.r.o.) C:\Users\Hela\AppData\Local\Temp\960084f1-23f4-41c3-96a3-2ff98160bc36ar.dll
2016-09-01 22:44 - 2016-08-19 12:30 - 010807904 _____ (CompuGroup Medical Česká republika s.r.o.) C:\Users\Hela\AppData\Local\Temp\9bb68ae9-92ce-4718-bd10-0c9207c0c1e2ar.dll
2017-12-28 00:46 - 2017-12-08 15:21 - 018435680 _____ (CompuGroup Medical Česká republika s.r.o.) C:\Users\Hela\AppData\Local\Temp\a5385337-b8d8-4e64-a573-3a5c338a7224ar.dll
2017-02-09 22:28 - 2017-01-16 16:00 - 007053920 _____ (CompuGroup Medical Česká republika s.r.o.) C:\Users\Hela\AppData\Local\Temp\ac7c6887-a78a-4597-a8fa-3d65afd2dfcear.dll
2011-11-10 09:59 - 2011-11-10 09:59 - 000357032 _____ (Ask.com) C:\Users\Hela\AppData\Local\Temp\ApnStub.exe
2016-06-07 21:36 - 2016-01-20 09:29 - 011145312 _____ (CompuGroup Medical Česká republika s.r.o.) C:\Users\Hela\AppData\Local\Temp\c1999671-2cf3-48d6-bac5-090b63d8262bar.dll
2011-07-24 18:36 - 2011-07-24 18:36 - 003792032 _____ (Adobe Systems, Inc.) C:\Users\Hela\AppData\Local\Temp\C42.exe
2011-09-27 17:20 - 2012-10-01 17:31 - 000987080 _____ (McAfee, Inc.) C:\Users\Hela\AppData\Local\Temp\contentDATs.exe
2017-03-20 23:05 - 2017-02-13 10:53 - 014016608 _____ (CompuGroup Medical Česká republika s.r.o.) C:\Users\Hela\AppData\Local\Temp\d01df84e-f57a-4ee5-8e24-49ac70a4cfa4ar.dll
2010-09-11 12:27 - 2009-04-02 17:08 - 000148992 ____R (Huawei Technologies Co., Ltd.) C:\Users\Hela\AppData\Local\Temp\DataCard_Setup64.exe
2016-06-08 22:48 - 2016-01-20 09:29 - 011145312 _____ (CompuGroup Medical Česká republika s.r.o.) C:\Users\Hela\AppData\Local\Temp\ef1ca849-9873-4e3e-8022-fb53ca8b97c3ar.dll
2017-11-24 22:36 - 2017-10-10 11:38 - 014925920 _____ (CompuGroup Medical Česká republika s.r.o.) C:\Users\Hela\AppData\Local\Temp\f4ae7aee-dd99-454a-8b35-d2a88968b649ar.dll
2016-03-01 23:46 - 2016-01-20 09:29 - 011145312 _____ (CompuGroup Medical Česká republika s.r.o.) C:\Users\Hela\AppData\Local\Temp\fe59030c-40c1-4766-a691-91e3d42412bbar.dll
2010-11-21 04:49 - 2010-11-21 04:49 - 000875296 _____ (Sun Microsystems, Inc.) C:\Users\Hela\AppData\Local\Temp\jre-6u22-windows-i586-iftw-rv.exe
2011-11-14 23:08 - 2011-11-14 23:08 - 000909088 _____ (Sun Microsystems, Inc.) C:\Users\Hela\AppData\Local\Temp\jre-6u30-windows-i586-iftw-rv.exe
2012-02-05 04:55 - 2012-02-05 04:55 - 000908576 _____ (Sun Microsystems, Inc.) C:\Users\Hela\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe
2014-04-15 22:50 - 2014-04-15 22:50 - 000921512 _____ (Oracle Corporation) C:\Users\Hela\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
2015-04-13 18:25 - 2015-04-13 18:25 - 000938408 _____ (Oracle Corporation) C:\Users\Hela\AppData\Local\Temp\jre-7u79-windows-i586-iftw.exe
2018-08-02 23:33 - 2018-08-02 23:33 - 001906040 _____ (Oracle Corporation) C:\Users\Hela\AppData\Local\Temp\jre-8u181-windows-au.exe
2010-09-11 12:27 - 2009-03-18 12:46 - 000007168 ____R () C:\Users\Hela\AppData\Local\Temp\ResetDevice.exe
2011-08-16 22:48 - 2013-02-04 18:19 - 003787456 _____ (McAfee, Inc.) C:\Users\Hela\AppData\Local\Temp\SecurityScan_Release.exe
2011-08-13 15:17 - 2011-08-13 15:17 - 000000000 _____ () C:\Users\Hela\AppData\Local\Temp\tt6iabu-.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-06-07 20:42

==================== End of FRST.txt ============================

Re: CPU loaded at 60 - 100%

Posted: 22 Aug 2018 16:27
by Rudy
Open Notepad and copy the following into it:
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-805495145-1528663485-3273650491-1000\...\MountPoints2: F - F:\SISetup.exe
HKU\S-1-5-21-805495145-1528663485-3273650491-1000\...\MountPoints2: {b47727f0-bd85-11df-94d7-0025647f2cb2} - F:\AutoRun.exe
HKU\S-1-5-21-805495145-1528663485-3273650491-1000\...\MountPoints2: {ce03bd47-09cd-11e0-8b92-0025647f2cb2} - G:\SISetup.exe
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
URLSearchHook: HKU\S-1-5-21-805495145-1528663485-3273650491-1000 - (No Name) - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - No File
URLSearchHook: HKU\S-1-5-21-805495145-1528663485-3273650491-1000 - (No Name) - {26842a09-ffa8-4e2c-ae12-0c80f01c3295} - C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39SrcAs.dll No File
SearchScopes: HKLM -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKLM -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKLM-x32 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll => No File
BHO-x32: No Name -> {71c1d63a-c944-428a-a5bd-ba513190e5d2} -> No File
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-28] (Google Inc.)
C:\Program Files (x86)\Google\Google Toolbar
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-28] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-28] (Google Inc.)
Toolbar: HKU\S-1-5-21-805495145-1528663485-3273650491-1000 -> No Name - {364EA597-E728-4CE4-BB4A-ED846EF47970} - No File
FF Plugin-x32: @MapsGalaxy_39.com/Plugin -> C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\NP39Stub.dll [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx <not found>
C:\Users\Hela\AppData\Local\Temp
Task: {36B6D65E-8DD2-46B6-ACA8-CAC4CAA8F226} - System32\Tasks\GoogleUpdateTaskMachineCore1d362ec121b09f => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {E04F77F9-B3DA-4759-9E80-A0F36B84406B} - System32\Tasks\GoogleUpdateTaskMachineUA1d362ec4498954 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {EF1247E4-5E68-40C4-BB5A-14F43075AFD4} - no filepath

EmptyTemp:
End
Save it to C:\Users\Hela\Desktop\_util as fixlist.txt. Run FRST again and click >Fix<. When the run finishes, a log will appear; copy it here.

Re: CPU loaded at 60 - 100%

Posted: 22 Aug 2018 21:53
by milanstransky77
Hello,
??? it froze while running, and at the top it showed that it was deleting temp for MSIE in the user profile. This log appeared after the restart, so I don't know what happened. Otherwise nothing has changed; the CPU is still heavily loaded.
Thank you very much


Fix result of Farbar Recovery Scan Tool (x64) Version: 19.08.2018 02
Ran by Hela (22-08-2018 19:24:35) Run:1
Running from C:\Users\Hela\Desktop\_util
Loaded Profiles: Hela (Available Profiles: Hela)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-805495145-1528663485-3273650491-1000\...\MountPoints2: F - F:\SISetup.exe
HKU\S-1-5-21-805495145-1528663485-3273650491-1000\...\MountPoints2: {b47727f0-bd85-11df-94d7-0025647f2cb2} - F:\AutoRun.exe
HKU\S-1-5-21-805495145-1528663485-3273650491-1000\...\MountPoints2: {ce03bd47-09cd-11e0-8b92-0025647f2cb2} - G:\SISetup.exe
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
URLSearchHook: HKU\S-1-5-21-805495145-1528663485-3273650491-1000 - (No Name) - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - No File
URLSearchHook: HKU\S-1-5-21-805495145-1528663485-3273650491-1000 - (No Name) - {26842a09-ffa8-4e2c-ae12-0c80f01c3295} - C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39SrcAs.dll No File
SearchScopes: HKLM -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKLM -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKLM-x32 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll => No File
BHO-x32: No Name -> {71c1d63a-c944-428a-a5bd-ba513190e5d2} -> No File
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-28] (Google Inc.)
C:\Program Files (x86)\Google\Google Toolbar
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-28] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-28] (Google Inc.)
Toolbar: HKU\S-1-5-21-805495145-1528663485-3273650491-1000 -> No Name - {364EA597-E728-4CE4-BB4A-ED846EF47970} - No File
FF Plugin-x32: @MapsGalaxy_39.com/Plugin -> C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\NP39Stub.dll [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx <not found>
C:\Users\Hela\AppData\Local\Temp
Task: {36B6D65E-8DD2-46B6-ACA8-CAC4CAA8F226} - System32\Tasks\GoogleUpdateTaskMachineCore1d362ec121b09f => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {E04F77F9-B3DA-4759-9E80-A0F36B84406B} - System32\Tasks\GoogleUpdateTaskMachineUA1d362ec4498954 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {EF1247E4-5E68-40C4-BB5A-14F43075AFD4} - no filepath

EmptyTemp:
End

*****************

Processes closed successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" => removed successfully
"HKU\S-1-5-21-805495145-1528663485-3273650491-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F" => removed successfully
"HKU\S-1-5-21-805495145-1528663485-3273650491-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b47727f0-bd85-11df-94d7-0025647f2cb2}" => removed successfully
HKLM\Software\Classes\CLSID\{b47727f0-bd85-11df-94d7-0025647f2cb2} => not found
"HKU\S-1-5-21-805495145-1528663485-3273650491-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ce03bd47-09cd-11e0-8b92-0025647f2cb2}" => removed successfully
HKLM\Software\Classes\CLSID\{ce03bd47-09cd-11e0-8b92-0025647f2cb2} => not found
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
"HKU\S-1-5-21-805495145-1528663485-3273650491-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}" => removed successfully
"HKU\S-1-5-21-805495145-1528663485-3273650491-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{26842a09-ffa8-4e2c-ae12-0c80f01c3295}" => removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" => removed successfully
HKLM\Software\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => not found
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => not found
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => removed successfully
"HKLM\Software\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{71c1d63a-c944-428a-a5bd-ba513190e5d2}" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{71c1d63a-c944-428a-a5bd-ba513190e5d2} => not found
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => removed successfully
"HKLM\Software\Wow6432Node\Classes\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => removed successfully
C:\Program Files (x86)\Google\Google Toolbar => moved successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => removed successfully
"HKLM\Software\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => removed successfully
"HKLM\Software\Wow6432Node\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => removed successfully
"HKU\S-1-5-21-805495145-1528663485-3273650491-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{364EA597-E728-4CE4-BB4A-ED846EF47970}" => removed successfully
HKLM\Software\Classes\CLSID\{364EA597-E728-4CE4-BB4A-ED846EF47970} => not found
"HKLM\Software\Wow6432Node\MozillaPlugins\@MapsGalaxy_39.com/Plugin" => removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki" => removed successfully

"C:\Users\Hela\AppData\Local\Temp" folder move:

Could not move "C:\Users\Hela\AppData\Local\Temp" => Scheduled to move on reboot.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{36B6D65E-8DD2-46B6-ACA8-CAC4CAA8F226}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{36B6D65E-8DD2-46B6-ACA8-CAC4CAA8F226}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1d362ec121b09f => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore1d362ec121b09f" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E04F77F9-B3DA-4759-9E80-A0F36B84406B}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E04F77F9-B3DA-4759-9E80-A0F36B84406B}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1d362ec4498954 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA1d362ec4498954" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{EF1247E4-5E68-40C4-BB5A-14F43075AFD4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EF1247E4-5E68-40C4-BB5A-14F43075AFD4}" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 132559910 B
Java, Flash, Steam htmlcache => 135696 B
Windows/system/drivers => 3594699069 B
Edge => 0 B
Chrome => 37566967 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128742 B
systemprofile32 => 6330816 B
LocalService => 132244 B
NetworkService => 385564 B

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 22-08-2018 20:46:03)

==> ATTENTION: System is not rebooted.
C:\Users\Hela\AppData\Local\Temp => Could not move

==== End of Fixlog 20:46:11 ====

Re: CPU loaded at 60 - 100%

Posted: 23 Aug 2018 09:35
by Rudy
The log says the system was not rebooted. Yes, something from MSIE was deleted, but only leftover keys from toolbars that no longer exist. Now, as a test, turn off automatic system updates, or alternatively reinstall the antivirus.

Re: CPU loaded at 60 - 100%

Posted: 23 Aug 2018 18:59
by milanstransky77
Hello,
- updates turned off
- antivirus uninstalled
- restarted
- CPU still around 60 % (so I have not installed the antivirus yet)
- the laptop is not connected to the network, so that I rule out infection while there is no antivirus

Thank you for your help

Re: CPU loaded at 60 - 100%

Posted: 23 Aug 2018 20:02
by Rudy
OK. Look in Task Manager and find out which process is loading the system the most.

Re: CPU loaded at 60 - 100%

Posted: 23 Aug 2018 20:12
by milanstransky77
Hello,
sending it:

explorer 17 848 kB
dwm 11 235 kB
the others are below 7 000 kB

Thank you very much

Re: CPU loaded at 60 - 100%

Posted: 23 Aug 2018 21:01
by Rudy
These values are normal. Try a System Restore to a date when the system was working correctly.