
PC virus removal, computer speed-up, and remote assistance through the neslape.cz service
Slow computer
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service, in which an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
-
- Visitor
- Posts: 71
- Registered: 01 Sep 2011 16:14
Slow computer
Good evening.
I have a request.
I had Microsoft's antivirus installed on my computer, Essentials. This morning it froze and slowed down the whole computer. It kept trying, without success, to remove something. I'm guessing some piece of junk. I uninstalled it, on about the fifth attempt, and took Avast in its place. But I'm afraid that doesn't solve my problem.
Could you please take a look at what visitors I have on my computer?
Log:
Logfile of random's system information tool 1.10 (written by random/random)
Run by xxx at 2016-03-04 18:39:48
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 148 GB (31%) free of 477 GB
Total RAM: 3835 MB (51% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:40:17, on 4.3.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18205)
Boot mode: Normal
Running processes:
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\xxx.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: (no name) - {9e35e959-d723-4b5f-9207-2a94f8ab9068} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: (no name) - {9e35e959-d723-4b5f-9207-2a94f8ab9068} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{89709285-5AA6-4845-8F4F-A63EEA90DA7E}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8421 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\vcsFPService.exe
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\Dwm.exe"
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Windows\system32\GWX\GWX.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-2531c16e-ed9e-491c-b243-377460d3cac7 -SystemEventPortName:HostProcess-46cb023e-44ff-4796-b357-f6106d37dd45 -IoCancelEventPortName:HostProcess-d9783b86-64ff-4784-97a6-1bd44a93951f -NonStateChangingEventPortName:HostProcess-e198256a-9f70-448b-8ded-65274c987519 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:c0dc29a4-6049-4091-aa9c-126478a063e6 -DeviceGroupId:WpdFsGroup
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe"
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=6120 --on-initialized-event-handle=544 --parent-handle=552
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4928.0.2020054226\158639030" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,8,24,52 --gpu-vendor-id=0x1002 --gpu-device-id=0x68e0 --gpu-driver-vendor="ATI Technologies Inc." --gpu-driver-version=8.712.1.2000 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Disabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/28DaySingleProfile/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A2_Stable_R1/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SpdyEnableDependencies/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4928.2.1978926385\621210540" --font-cache-shared-handle=2252 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Disabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/28DaySingleProfile/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A2_Stable_R1/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SpdyEnableDependencies/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4928.3.1051350628\262517294" --font-cache-shared-handle=2352 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Disabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/28DaySingleProfile/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A2_Stable_R1/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*SpdyEnableDependencies/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4928.5.1396368560\1688551154" --font-cache-shared-handle=3440 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Disabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/28DaySingleProfile/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A2_Stable_R1/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*SpdyEnableDependencies/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4928.6.1514940854\1025196736" --font-cache-shared-handle=4528 /prefetch:673131151
"C:\Users\xxx\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\HPCeeScheduleForxxx.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForxxx (null)
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-03-04 901600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-03-04 256456]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-03-04 678656]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9e35e959-d723-4b5f-9207-2a94f8ab9068}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-03-04 194504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-03-04 256456]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{9e35e959-d723-4b5f-9207-2a94f8ab9068}
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-03-04 194504]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-10-14 2837288]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2010-03-25 2726728]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenuEx]
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [2010-04-02 1185112]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite Automount]
C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2015-11-30 4179288]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Windows\system32\NeroCheck.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-02-10 50599552]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-04-16 98304]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-03-04 7139768]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-03-04 18:39:48 ----D---- C:\rsit
2016-03-04 18:39:48 ----D---- C:\Program Files\trend micro
2016-03-04 10:36:15 ----D---- C:\ProgramData\Google
2016-03-04 10:35:32 ----A---- C:\Windows\system32\aswBoot.exe
2016-03-04 10:23:54 ----D---- C:\Users\xxx\AppData\Roaming\AVAST Software
2016-03-04 10:23:16 ----D---- C:\Program Files\Common Files\AV
2016-03-04 10:23:04 ----A---- C:\Windows\system32\drivers\aswStm.sys
2016-03-04 10:23:03 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2016-03-04 10:23:03 ----A---- C:\Windows\system32\drivers\aswSP.sys
2016-03-04 10:23:03 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2016-03-04 10:23:03 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2016-03-04 10:23:02 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2016-03-04 10:23:02 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2016-03-04 10:23:01 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2016-03-04 10:22:19 ----A---- C:\Windows\avastSS.scr
2016-03-04 10:21:03 ----D---- C:\Program Files\AVAST Software
2016-02-29 16:34:01 ----D---- C:\ProgramData\CanonIJ
2016-02-29 16:32:51 ----HD---- C:\ProgramData\CanonIJScan
2016-02-29 16:31:35 ----D---- C:\Users\xxx\AppData\Roaming\Canon
2016-02-29 16:31:10 ----HD---- C:\ProgramData\CanonIJMyPrinter
2016-02-29 16:26:38 ----D---- C:\Program Files\Canon
2016-02-29 16:25:01 ----D---- C:\Program Files (x86)\Canon
2016-02-29 16:19:05 ----HD---- C:\Windows\system32\CanonIJ Uninstaller Information
2016-02-29 16:19:00 ----A---- C:\Windows\SYSWOW64\CNC280U.dll
2016-02-29 16:19:00 ----A---- C:\Windows\SYSWOW64\CNC280L.dll
2016-02-29 16:18:59 ----A---- C:\Windows\system32\CNC280L.dll
2016-02-29 16:18:59 ----A---- C:\Windows\system32\CNC280I.dll
2016-02-29 16:18:59 ----A---- C:\Windows\system32\CNC280C.dll
2016-02-29 16:18:07 ----A---- C:\Windows\system32\CNC280O.dll
2016-02-29 16:18:02 ----HD---- C:\Program Files\CanonBJ
2016-02-28 12:39:51 ----D---- C:\Program Files\Microsoft Silverlight
2016-02-28 12:39:51 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2016-02-28 09:14:47 ----D---- C:\Program Files (x86)\DVD Shrink
2016-02-26 10:14:52 ----RD---- C:\Program Files (x86)\Skype
2016-02-20 09:30:16 ----D---- C:\Program Files (x86)\Euro Truck Simulator 2
2016-02-19 14:55:07 ----A---- C:\Windows\system32\drivers\ntfs.sys
2016-02-19 14:55:06 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2016-02-19 14:55:06 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\system32\ucrtbase.dll
2016-02-19 14:55:06 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-02-19 14:55:04 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-02-19 14:55:04 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-02-19 14:55:04 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-02-19 14:55:04 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-02-10 13:16:25 ----D---- C:\Program Files\Farming Simulator 15
2016-02-10 11:11:50 ----A---- C:\Windows\system32\InkEd.dll
2016-02-10 11:11:49 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2016-02-10 11:11:49 ----A---- C:\Windows\system32\jnwmon.dll
2016-02-10 11:11:19 ----A---- C:\Windows\system32\invagent.dll
2016-02-10 11:11:19 ----A---- C:\Windows\system32\generaltel.dll
2016-02-10 11:11:19 ----A---- C:\Windows\system32\devinv.dll
2016-02-10 11:11:19 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-02-10 11:11:19 ----A---- C:\Windows\system32\appraiser.dll
2016-02-10 11:11:19 ----A---- C:\Windows\system32\aeinv.dll
2016-02-10 11:11:19 ----A---- C:\Windows\system32\acmigration.dll
2016-02-10 11:10:55 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-02-10 11:10:55 ----A---- C:\Windows\system32\iertutil.dll
2016-02-10 11:10:54 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-02-10 11:10:53 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-02-10 11:10:53 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-02-10 11:10:53 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-02-10 11:10:52 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-02-10 11:10:52 ----A---- C:\Windows\system32\urlmon.dll
2016-02-10 11:10:52 ----A---- C:\Windows\system32\ieui.dll
2016-02-10 11:10:52 ----A---- C:\Windows\system32\ieframe.dll
2016-02-10 11:10:51 ----A---- C:\Windows\system32\mshtml.dll
2016-02-10 11:10:51 ----A---- C:\Windows\system32\ieUnatt.exe
2016-02-10 11:10:15 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-02-10 11:10:14 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-02-10 11:10:14 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-02-10 11:10:14 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-02-10 11:10:14 ----A---- C:\Windows\system32\iernonce.dll
2016-02-10 11:10:14 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-02-10 11:10:14 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-02-10 11:10:13 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-02-10 11:10:12 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-02-10 11:10:12 ----A---- C:\Windows\system32\inseng.dll
2016-02-10 11:10:12 ----A---- C:\Windows\system32\ie4uinit.exe
2016-02-10 11:10:11 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-02-10 11:10:11 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-02-10 11:10:11 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-02-10 11:10:11 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-02-10 11:10:11 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-02-10 11:10:07 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-02-10 11:10:06 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-02-10 11:10:06 ----A---- C:\Windows\system32\occache.dll
2016-02-10 11:10:06 ----A---- C:\Windows\system32\iedkcs32.dll
2016-02-10 11:10:04 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-02-10 11:10:04 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-02-10 11:10:03 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-02-10 11:10:03 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-02-10 11:10:02 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-02-10 11:10:02 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-02-10 11:10:02 ----A---- C:\Windows\system32\msfeeds.dll
2016-02-10 11:10:02 ----A---- C:\Windows\system32\dxtrans.dll
2016-02-10 11:10:00 ----A---- C:\Windows\system32\iesetup.dll
2016-02-10 11:10:00 ----A---- C:\Windows\system32\ieapfltr.dll
2016-02-10 11:09:57 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-02-10 11:09:57 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-02-10 11:09:56 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-02-10 11:09:56 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-02-10 11:09:56 ----A---- C:\Windows\system32\vbscript.dll
2016-02-10 11:09:55 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-02-10 11:09:55 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-02-10 11:09:55 ----A---- C:\Windows\system32\jsproxy.dll
2016-02-10 11:09:54 ----A---- C:\Windows\system32\dxtmsft.dll
2016-02-10 11:09:53 ----A---- C:\Windows\system32\mshtmled.dll
2016-02-10 11:09:52 ----A---- C:\Windows\system32\webcheck.dll
2016-02-10 11:09:52 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-02-10 11:09:52 ----A---- C:\Windows\system32\jscript9diag.dll
2016-02-10 11:09:52 ----A---- C:\Windows\system32\jscript9.dll
2016-02-10 11:09:52 ----A---- C:\Windows\system32\jscript.dll
2016-02-10 11:09:51 ----A---- C:\Windows\system32\wininet.dll
2016-02-10 11:09:50 ----A---- C:\Windows\system32\msrating.dll
2016-02-10 11:09:50 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-02-10 11:08:16 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2016-02-10 11:07:52 ----A---- C:\Windows\system32\wuaueng.dll
2016-02-10 11:07:52 ----A---- C:\Windows\system32\wuapi.dll
2016-02-10 11:07:51 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2016-02-10 11:07:51 ----A---- C:\Windows\SYSWOW64\wups.dll
2016-02-10 11:07:51 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2016-02-10 11:07:51 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2016-02-10 11:07:51 ----A---- C:\Windows\system32\wuwebv.dll
2016-02-10 11:07:51 ----A---- C:\Windows\system32\wups2.dll
2016-02-10 11:07:51 ----A---- C:\Windows\system32\wups.dll
2016-02-10 11:07:51 ----A---- C:\Windows\system32\wudriver.dll
2016-02-10 11:07:51 ----A---- C:\Windows\system32\wucltux.dll
2016-02-10 11:07:51 ----A---- C:\Windows\system32\wuauclt.exe
2016-02-10 11:07:51 ----A---- C:\Windows\system32\wuapp.exe
2016-02-10 11:07:51 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2016-02-10 11:07:51 ----A---- C:\Windows\system32\WinSetupUI.dll
2016-02-10 11:07:50 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2016-02-10 11:07:20 ----A---- C:\Windows\system32\rdpudd.dll
2016-02-10 11:07:20 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2016-02-10 11:07:20 ----A---- C:\Windows\system32\rdpcorets.dll
2016-02-10 11:07:15 ----A---- C:\Windows\system32\win32k.sys
2016-02-10 11:07:06 ----A---- C:\Windows\system32\ole32.dll
2016-02-10 11:07:01 ----A---- C:\Windows\SYSWOW64\ole32.dll
2016-02-10 11:06:24 ----A---- C:\Windows\system32\EncDec.dll
2016-02-10 11:06:23 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2016-02-10 11:06:23 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2016-02-10 11:06:23 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-02-10 11:06:23 ----A---- C:\Windows\system32\CPFilters.dll
2016-02-10 11:06:22 ----A---- C:\Windows\system32\ntdll.dll
2016-02-10 11:06:22 ----A---- C:\Windows\system32\KernelBase.dll
2016-02-10 11:06:21 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-02-10 11:06:21 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-02-10 11:06:21 ----A---- C:\Windows\system32\mtxoci.dll
2016-02-10 11:06:21 ----A---- C:\Windows\system32\kerberos.dll
2016-02-10 11:06:20 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-02-10 11:06:20 ----A---- C:\Windows\system32\kernel32.dll
2016-02-10 11:06:19 ----A---- C:\Windows\SYSWOW64\mtxoci.dll
2016-02-10 11:06:19 ----A---- C:\Windows\SYSWOW64\msorcl32.dll
2016-02-10 11:06:19 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-02-10 11:06:19 ----A---- C:\Windows\system32\advapi32.dll
2016-02-10 11:06:18 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-02-10 11:06:17 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-02-10 11:06:17 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-02-10 11:06:17 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-02-10 11:06:15 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-02-10 11:06:15 ----A---- C:\Windows\system32\smss.exe
2016-02-10 11:06:15 ----A---- C:\Windows\system32\schannel.dll
2016-02-10 11:06:15 ----A---- C:\Windows\system32\rpcrt4.dll
2016-02-10 11:06:15 ----A---- C:\Windows\system32\lsasrv.dll
2016-02-10 11:06:15 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-02-10 11:06:15 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-02-10 11:06:14 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-02-10 11:06:14 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-02-10 11:06:14 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-02-10 11:06:14 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-02-10 11:06:14 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-02-10 11:06:14 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\wow64win.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\wow64cpu.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\wow64.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\winsrv.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\wdigest.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\TSpkg.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\sspisrv.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\sspicli.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\srcore.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\srclient.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\ncrypt.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\msv1_0.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\lsass.exe
2016-02-10 11:06:14 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-02-10 11:06:14 ----A---- C:\Windows\system32\csrsrv.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\cryptbase.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\conhost.exe
2016-02-10 11:06:13 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-02-10 11:06:13 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-02-10 11:06:13 ----A---- C:\Windows\system32\secur32.dll
2016-02-10 11:06:13 ----A---- C:\Windows\system32\rstrui.exe
2016-02-10 11:06:13 ----A---- C:\Windows\system32\credssp.dll
2016-02-10 11:06:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-10 11:06:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-02-10 11:06:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-10 11:06:12 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-10 11:06:12 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-02-10 11:06:12 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-02-10 11:06:12 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-02-10 11:06:12 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-02-10 11:06:12 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-02-10 11:06:12 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-02-10 11:06:12 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-02-10 11:06:12 ----A---- C:\Windows\system32\ntvdm64.dll
2016-02-10 11:06:12 ----A---- C:\Windows\system32\auditpol.exe
2016-02-10 11:06:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-02-10 11:06:11 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-02-10 11:06:11 ----A---- C:\Windows\system32\apisetschema.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-02-10 11:06:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-02-10 11:06:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-02-10 11:06:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-02-10 11:06:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-10 11:06:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-02-10 11:06:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-02-10 11:06:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-02-10 11:06:09 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-10 11:06:09 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-02-10 11:06:09 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-02-10 11:06:09 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-02-10 11:06:09 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-02-10 11:06:09 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-02-10 11:06:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-02-10 11:06:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-02-10 11:06:07 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-02-10 11:06:07 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-02-10 11:06:07 ----A---- C:\Windows\SYSWOW64\user.exe
2016-02-10 11:06:06 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-02-10 11:06:06 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-02-10 11:06:06 ----A---- C:\Windows\system32\msaudite.dll
2016-02-10 11:06:06 ----A---- C:\Windows\system32\adtschema.dll
2016-02-10 11:06:05 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-02-10 11:06:04 ----A---- C:\Windows\system32\msobjs.dll
2016-02-10 11:05:33 ----A---- C:\Windows\system32\shell32.dll
2016-02-10 11:05:29 ----A---- C:\Windows\SYSWOW64\shell32.dll
2016-02-10 11:05:29 ----A---- C:\Windows\explorer.exe
2016-02-10 11:05:27 ----A---- C:\Windows\SYSWOW64\explorer.exe
2016-02-10 11:05:27 ----A---- C:\Windows\system32\ExplorerFrame.dll
2016-02-10 11:05:27 ----A---- C:\Windows\system32\authui.dll
2016-02-10 11:05:26 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2016-02-10 11:05:26 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-02-10 00:23:42 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2016-02-10 00:23:42 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2016-02-10 00:23:42 ----A---- C:\Windows\system32\XAudio2_7.dll
2016-02-10 00:23:42 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2016-02-10 00:23:39 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2016-02-10 00:23:37 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2016-02-10 00:23:37 ----A---- C:\Windows\system32\D3DX9_43.dll
2016-02-10 00:23:36 ----A---- C:\Windows\SYSWOW64\X3DAudio1_7.dll
2016-02-10 00:23:36 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2016-02-10 00:18:28 ----D---- C:\Program Files (x86)\Farming Simulator 2015
2016-02-05 10:08:10 ----D---- C:\Users\xxx\AppData\Roaming\dvdcss
======List of files/folders modified in the last 1 month======
2016-03-04 18:40:00 ----D---- C:\Windows\Prefetch
2016-03-04 18:39:50 ----D---- C:\Windows\Temp
2016-03-04 18:39:48 ----RD---- C:\Program Files
2016-03-04 14:15:15 ----D---- C:\Windows\System32
2016-03-04 14:15:15 ----D---- C:\Windows\inf
2016-03-04 14:15:15 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-03-04 14:11:22 ----D---- C:\Windows\system32\config
2016-03-04 14:07:06 ----D---- C:\Windows\system32\drivers
2016-03-04 14:07:05 ----D---- C:\Windows
2016-03-04 14:07:04 ----SHD---- C:\Config.Msi
2016-03-04 10:36:37 ----D---- C:\Windows\system32\Tasks
2016-03-04 10:36:33 ----RD---- C:\Program Files (x86)
2016-03-04 10:36:28 ----D---- C:\Program Files\Google
2016-03-04 10:36:28 ----D---- C:\Program Files (x86)\Google
2016-03-04 10:36:25 ----SHD---- C:\Windows\Installer
2016-03-04 10:36:15 ----HD---- C:\ProgramData
2016-03-04 10:23:16 ----D---- C:\Program Files\Common Files
2016-03-04 10:23:16 ----D---- C:\Program Files (x86)\Common Files
2016-03-04 10:22:44 ----D---- C:\Windows\winsxs
2016-03-04 10:20:45 ----D---- C:\ProgramData\AVAST Software
2016-03-04 09:50:40 ----D---- C:\Users\xxx\AppData\Roaming\DAEMON Tools Lite
2016-03-04 09:44:25 ----D---- C:\Users\xxx\AppData\Roaming\Skype
2016-03-03 11:11:26 ----D---- C:\Users\xxx\AppData\Roaming\vlc
2016-03-03 10:27:21 ----SHD---- C:\System Volume Information
2016-03-01 00:29:11 ----D---- C:\ProgramData\CanonIJPLM
2016-02-29 16:23:22 ----D---- C:\Windows\twain_32
2016-02-29 16:23:22 ----D---- C:\Windows\SysWOW64
2016-02-29 16:19:04 ----D---- C:\Windows\system32\DriverStore
2016-02-28 12:41:58 ----SD---- C:\Windows\SYSWOW64\GWX
2016-02-28 12:41:58 ----SD---- C:\Windows\system32\GWX
2016-02-28 09:19:13 ----D---- C:\ProgramData\DVD Shrink
2016-02-26 10:14:57 ----D---- C:\ProgramData\Skype
2016-02-26 00:31:18 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2016-02-25 13:05:04 ----D---- C:\Windows\Microsoft.NET
2016-02-25 00:58:56 ----D---- C:\Windows\system32\catroot
2016-02-25 00:34:25 ----D---- C:\Windows\Tasks
2016-02-25 00:34:15 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-02-21 05:11:25 ----D---- C:\Windows\system32\catroot2
2016-02-20 08:56:48 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-02-19 14:35:45 ----RSD---- C:\Windows\assembly
2016-02-19 13:05:05 ----D---- C:\Program Files (x86)\SpeedFan
2016-02-14 13:45:41 ----D---- C:\Windows\rescache
2016-02-12 16:27:55 ----D---- C:\Windows\Logs
2016-02-12 16:27:55 ----D---- C:\Windows\debug
2016-02-11 00:26:39 ----D---- C:\Program Files\Windows Journal
2016-02-11 00:26:38 ----SD---- C:\Windows\system32\CompatTel
2016-02-11 00:26:38 ----D---- C:\Windows\SYSWOW64\en-US
2016-02-11 00:26:38 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-02-11 00:26:38 ----D---- C:\Windows\system32\en-US
2016-02-11 00:26:38 ----D---- C:\Windows\system32\cs-CZ
2016-02-11 00:26:38 ----D---- C:\Windows\system32\appraiser
2016-02-11 00:26:38 ----D---- C:\Windows\AppPatch
2016-02-11 00:26:38 ----D---- C:\Program Files\Internet Explorer
2016-02-11 00:26:38 ----D---- C:\Program Files (x86)\Internet Explorer
2016-02-11 00:26:22 ----D---- C:\Windows\cs-CZ
2016-02-10 19:27:49 ----D---- C:\Windows\system32\MRT
2016-02-10 19:27:49 ----A---- C:\Windows\system32\MRT.exe
2016-02-09 16:48:30 ----D---- C:\Windows\SoftwareDistribution
2016-02-09 14:19:54 ----D---- C:\Windows\Downloaded Program Files
2016-02-09 07:38:15 ----D---- C:\ProgramData\Firefly Studios
2016-02-07 15:52:53 ----D---- C:\ProgramData\AlawarWrapper
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-03-04 74544]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-03-04 287016]
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-08-23 16440]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2013-01-12 834544]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-03-04 103064]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-03-04 1065720]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-03-04 463744]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-03-04 37656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-03-04 107792]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2016-01-20 42696]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2010-04-16 6403584]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-04-16 188928]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-05-05 125456]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2011-07-01 4745280]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2015-12-20 30264]
R3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2015-12-20 46392]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-10-14 396848]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-12-22 38456]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 WinUSB;WinUSB Service; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-03-04 165344]
S2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2016-01-20 310984]
S3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 athur;Atheros AR9271 Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athurx.sys [2010-01-05 1847296]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-02-23 95760]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-04-16 6403584]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 cpuz134;cpuz134; \??\C:\Program Files (x86)\CPUID\PC Wizard 2010\pcwiz_x64.sys [2010-07-09 21480]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2010-09-17 79680]
S3 dgderdrv;dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [2010-10-25 20552]
S3 netr28ux;RT2870 USB Wireless LAN Card Driver pro systém Windows Vista; C:\Windows\system32\DRIVERS\netr28ux.sys [2009-06-10 867328]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 TFsExDisk;TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2014-08-15 54784]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-13 82128]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-04-16 202752]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-03-04 237096]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2015-09-28 25800]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2010-04-05 116104]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-05-15 76888]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\Windows\system32\vcsFPService.exe [2010-02-23 2192176]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2015-04-28 1102472]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-22 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-11-30 1368408]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-22 144200]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2016-03-04 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-01-22 114688]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-01-11 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
-----------------EOF-----------------
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8421 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\vcsFPService.exe
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\Dwm.exe"
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Windows\system32\GWX\GWX.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-2531c16e-ed9e-491c-b243-377460d3cac7 -SystemEventPortName:HostProcess-46cb023e-44ff-4796-b357-f6106d37dd45 -IoCancelEventPortName:HostProcess-d9783b86-64ff-4784-97a6-1bd44a93951f -NonStateChangingEventPortName:HostProcess-e198256a-9f70-448b-8ded-65274c987519 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:c0dc29a4-6049-4091-aa9c-126478a063e6 -DeviceGroupId:WpdFsGroup
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe"
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=6120 --on-initialized-event-handle=544 --parent-handle=552
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4928.0.2020054226\158639030" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,8,24,52 --gpu-vendor-id=0x1002 --gpu-device-id=0x68e0 --gpu-driver-vendor="ATI Technologies Inc." --gpu-driver-version=8.712.1.2000 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Disabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/28DaySingleProfile/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A2_Stable_R1/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SpdyEnableDependencies/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4928.2.1978926385\621210540" --font-cache-shared-handle=2252 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Disabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/28DaySingleProfile/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A2_Stable_R1/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SpdyEnableDependencies/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4928.3.1051350628\262517294" --font-cache-shared-handle=2352 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Disabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/28DaySingleProfile/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A2_Stable_R1/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*SpdyEnableDependencies/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4928.5.1396368560\1688551154" --font-cache-shared-handle=3440 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Disabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/28DaySingleProfile/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A2_Stable_R1/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*SpdyEnableDependencies/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4928.6.1514940854\1025196736" --font-cache-shared-handle=4528 /prefetch:673131151
"C:\Users\xxx\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\HPCeeScheduleForxxx.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForxxx (null)
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-03-04 901600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-03-04 256456]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-03-04 678656]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9e35e959-d723-4b5f-9207-2a94f8ab9068}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-03-04 194504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-03-04 256456]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{9e35e959-d723-4b5f-9207-2a94f8ab9068}
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-03-04 194504]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-10-14 2837288]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2010-03-25 2726728]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenuEx]
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [2010-04-02 1185112]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite Automount]
C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2015-11-30 4179288]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Windows\system32\NeroCheck.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-02-10 50599552]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-04-16 98304]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-03-04 7139768]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-03-04 18:39:48 ----D---- C:\rsit
2016-03-04 18:39:48 ----D---- C:\Program Files\trend micro
2016-03-04 10:36:15 ----D---- C:\ProgramData\Google
2016-03-04 10:35:32 ----A---- C:\Windows\system32\aswBoot.exe
2016-03-04 10:23:54 ----D---- C:\Users\xxx\AppData\Roaming\AVAST Software
2016-03-04 10:23:16 ----D---- C:\Program Files\Common Files\AV
2016-03-04 10:23:04 ----A---- C:\Windows\system32\drivers\aswStm.sys
2016-03-04 10:23:03 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2016-03-04 10:23:03 ----A---- C:\Windows\system32\drivers\aswSP.sys
2016-03-04 10:23:03 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2016-03-04 10:23:03 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2016-03-04 10:23:02 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2016-03-04 10:23:02 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2016-03-04 10:23:01 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2016-03-04 10:22:19 ----A---- C:\Windows\avastSS.scr
2016-03-04 10:21:03 ----D---- C:\Program Files\AVAST Software
2016-02-29 16:34:01 ----D---- C:\ProgramData\CanonIJ
2016-02-29 16:32:51 ----HD---- C:\ProgramData\CanonIJScan
2016-02-29 16:31:35 ----D---- C:\Users\xxx\AppData\Roaming\Canon
2016-02-29 16:31:10 ----HD---- C:\ProgramData\CanonIJMyPrinter
2016-02-29 16:26:38 ----D---- C:\Program Files\Canon
2016-02-29 16:25:01 ----D---- C:\Program Files (x86)\Canon
2016-02-29 16:19:05 ----HD---- C:\Windows\system32\CanonIJ Uninstaller Information
2016-02-29 16:19:00 ----A---- C:\Windows\SYSWOW64\CNC280U.dll
2016-02-29 16:19:00 ----A---- C:\Windows\SYSWOW64\CNC280L.dll
2016-02-29 16:18:59 ----A---- C:\Windows\system32\CNC280L.dll
2016-02-29 16:18:59 ----A---- C:\Windows\system32\CNC280I.dll
2016-02-29 16:18:59 ----A---- C:\Windows\system32\CNC280C.dll
2016-02-29 16:18:07 ----A---- C:\Windows\system32\CNC280O.dll
2016-02-29 16:18:02 ----HD---- C:\Program Files\CanonBJ
2016-02-28 12:39:51 ----D---- C:\Program Files\Microsoft Silverlight
2016-02-28 12:39:51 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2016-02-28 09:14:47 ----D---- C:\Program Files (x86)\DVD Shrink
2016-02-26 10:14:52 ----RD---- C:\Program Files (x86)\Skype
2016-02-20 09:30:16 ----D---- C:\Program Files (x86)\Euro Truck Simulator 2
2016-02-19 14:55:07 ----A---- C:\Windows\system32\drivers\ntfs.sys
2016-02-19 14:55:06 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2016-02-19 14:55:06 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\system32\ucrtbase.dll
2016-02-19 14:55:06 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-02-19 14:55:04 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-02-19 14:55:04 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-02-19 14:55:04 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-02-19 14:55:04 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-02-10 13:16:25 ----D---- C:\Program Files\Farming Simulator 15
2016-02-10 11:11:50 ----A---- C:\Windows\system32\InkEd.dll
2016-02-10 11:11:49 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2016-02-10 11:11:49 ----A---- C:\Windows\system32\jnwmon.dll
2016-02-10 11:11:19 ----A---- C:\Windows\system32\invagent.dll
2016-02-10 11:11:19 ----A---- C:\Windows\system32\generaltel.dll
2016-02-10 11:11:19 ----A---- C:\Windows\system32\devinv.dll
2016-02-10 11:11:19 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-02-10 11:11:19 ----A---- C:\Windows\system32\appraiser.dll
2016-02-10 11:11:19 ----A---- C:\Windows\system32\aeinv.dll
2016-02-10 11:11:19 ----A---- C:\Windows\system32\acmigration.dll
2016-02-10 11:10:55 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-02-10 11:10:55 ----A---- C:\Windows\system32\iertutil.dll
2016-02-10 11:10:54 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-02-10 11:10:53 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-02-10 11:10:53 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-02-10 11:10:53 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-02-10 11:10:52 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-02-10 11:10:52 ----A---- C:\Windows\system32\urlmon.dll
2016-02-10 11:10:52 ----A---- C:\Windows\system32\ieui.dll
2016-02-10 11:10:52 ----A---- C:\Windows\system32\ieframe.dll
2016-02-10 11:10:51 ----A---- C:\Windows\system32\mshtml.dll
2016-02-10 11:10:51 ----A---- C:\Windows\system32\ieUnatt.exe
2016-02-10 11:10:15 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-02-10 11:10:14 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-02-10 11:10:14 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-02-10 11:10:14 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-02-10 11:10:14 ----A---- C:\Windows\system32\iernonce.dll
2016-02-10 11:10:14 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-02-10 11:10:14 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-02-10 11:10:13 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-02-10 11:10:12 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-02-10 11:10:12 ----A---- C:\Windows\system32\inseng.dll
2016-02-10 11:10:12 ----A---- C:\Windows\system32\ie4uinit.exe
2016-02-10 11:10:11 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-02-10 11:10:11 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-02-10 11:10:11 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-02-10 11:10:11 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-02-10 11:10:11 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-02-10 11:10:07 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-02-10 11:10:06 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-02-10 11:10:06 ----A---- C:\Windows\system32\occache.dll
2016-02-10 11:10:06 ----A---- C:\Windows\system32\iedkcs32.dll
2016-02-10 11:10:04 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-02-10 11:10:04 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-02-10 11:10:03 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-02-10 11:10:03 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-02-10 11:10:02 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-02-10 11:10:02 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-02-10 11:10:02 ----A---- C:\Windows\system32\msfeeds.dll
2016-02-10 11:10:02 ----A---- C:\Windows\system32\dxtrans.dll
2016-02-10 11:10:00 ----A---- C:\Windows\system32\iesetup.dll
2016-02-10 11:10:00 ----A---- C:\Windows\system32\ieapfltr.dll
2016-02-10 11:09:57 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-02-10 11:09:57 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-02-10 11:09:56 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-02-10 11:09:56 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-02-10 11:09:56 ----A---- C:\Windows\system32\vbscript.dll
2016-02-10 11:09:55 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-02-10 11:09:55 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-02-10 11:09:55 ----A---- C:\Windows\system32\jsproxy.dll
2016-02-10 11:09:54 ----A---- C:\Windows\system32\dxtmsft.dll
2016-02-10 11:09:53 ----A---- C:\Windows\system32\mshtmled.dll
2016-02-10 11:09:52 ----A---- C:\Windows\system32\webcheck.dll
2016-02-10 11:09:52 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-02-10 11:09:52 ----A---- C:\Windows\system32\jscript9diag.dll
2016-02-10 11:09:52 ----A---- C:\Windows\system32\jscript9.dll
2016-02-10 11:09:52 ----A---- C:\Windows\system32\jscript.dll
2016-02-10 11:09:51 ----A---- C:\Windows\system32\wininet.dll
2016-02-10 11:09:50 ----A---- C:\Windows\system32\msrating.dll
2016-02-10 11:09:50 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-02-10 11:08:16 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2016-02-10 11:07:52 ----A---- C:\Windows\system32\wuaueng.dll
2016-02-10 11:07:52 ----A---- C:\Windows\system32\wuapi.dll
2016-02-10 11:07:51 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2016-02-10 11:07:51 ----A---- C:\Windows\SYSWOW64\wups.dll
2016-02-10 11:07:51 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2016-02-10 11:07:51 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2016-02-10 11:07:51 ----A---- C:\Windows\system32\wuwebv.dll
2016-02-10 11:07:51 ----A---- C:\Windows\system32\wups2.dll
2016-02-10 11:07:51 ----A---- C:\Windows\system32\wups.dll
2016-02-10 11:07:51 ----A---- C:\Windows\system32\wudriver.dll
2016-02-10 11:07:51 ----A---- C:\Windows\system32\wucltux.dll
2016-02-10 11:07:51 ----A---- C:\Windows\system32\wuauclt.exe
2016-02-10 11:07:51 ----A---- C:\Windows\system32\wuapp.exe
2016-02-10 11:07:51 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2016-02-10 11:07:51 ----A---- C:\Windows\system32\WinSetupUI.dll
2016-02-10 11:07:50 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2016-02-10 11:07:20 ----A---- C:\Windows\system32\rdpudd.dll
2016-02-10 11:07:20 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2016-02-10 11:07:20 ----A---- C:\Windows\system32\rdpcorets.dll
2016-02-10 11:07:15 ----A---- C:\Windows\system32\win32k.sys
2016-02-10 11:07:06 ----A---- C:\Windows\system32\ole32.dll
2016-02-10 11:07:01 ----A---- C:\Windows\SYSWOW64\ole32.dll
2016-02-10 11:06:24 ----A---- C:\Windows\system32\EncDec.dll
2016-02-10 11:06:23 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2016-02-10 11:06:23 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2016-02-10 11:06:23 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-02-10 11:06:23 ----A---- C:\Windows\system32\CPFilters.dll
2016-02-10 11:06:22 ----A---- C:\Windows\system32\ntdll.dll
2016-02-10 11:06:22 ----A---- C:\Windows\system32\KernelBase.dll
2016-02-10 11:06:21 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-02-10 11:06:21 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-02-10 11:06:21 ----A---- C:\Windows\system32\mtxoci.dll
2016-02-10 11:06:21 ----A---- C:\Windows\system32\kerberos.dll
2016-02-10 11:06:20 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-02-10 11:06:20 ----A---- C:\Windows\system32\kernel32.dll
2016-02-10 11:06:19 ----A---- C:\Windows\SYSWOW64\mtxoci.dll
2016-02-10 11:06:19 ----A---- C:\Windows\SYSWOW64\msorcl32.dll
2016-02-10 11:06:19 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-02-10 11:06:19 ----A---- C:\Windows\system32\advapi32.dll
2016-02-10 11:06:18 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-02-10 11:06:17 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-02-10 11:06:17 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-02-10 11:06:17 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-02-10 11:06:15 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-02-10 11:06:15 ----A---- C:\Windows\system32\smss.exe
2016-02-10 11:06:15 ----A---- C:\Windows\system32\schannel.dll
2016-02-10 11:06:15 ----A---- C:\Windows\system32\rpcrt4.dll
2016-02-10 11:06:15 ----A---- C:\Windows\system32\lsasrv.dll
2016-02-10 11:06:15 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-02-10 11:06:15 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-02-10 11:06:14 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-02-10 11:06:14 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-02-10 11:06:14 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-02-10 11:06:14 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-02-10 11:06:14 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-02-10 11:06:14 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\wow64win.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\wow64cpu.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\wow64.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\winsrv.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\wdigest.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\TSpkg.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\sspisrv.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\sspicli.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\srcore.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\srclient.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\ncrypt.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\msv1_0.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\lsass.exe
2016-02-10 11:06:14 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-02-10 11:06:14 ----A---- C:\Windows\system32\csrsrv.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\cryptbase.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\conhost.exe
2016-02-10 11:06:13 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-02-10 11:06:13 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-02-10 11:06:13 ----A---- C:\Windows\system32\secur32.dll
2016-02-10 11:06:13 ----A---- C:\Windows\system32\rstrui.exe
2016-02-10 11:06:13 ----A---- C:\Windows\system32\credssp.dll
2016-02-10 11:06:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-10 11:06:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-02-10 11:06:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-10 11:06:12 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-10 11:06:12 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-02-10 11:06:12 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-02-10 11:06:12 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-02-10 11:06:12 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-02-10 11:06:12 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-02-10 11:06:12 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-02-10 11:06:12 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-02-10 11:06:12 ----A---- C:\Windows\system32\ntvdm64.dll
2016-02-10 11:06:12 ----A---- C:\Windows\system32\auditpol.exe
2016-02-10 11:06:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-02-10 11:06:11 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-02-10 11:06:11 ----A---- C:\Windows\system32\apisetschema.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-02-10 11:06:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-02-10 11:06:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-02-10 11:06:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-02-10 11:06:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-10 11:06:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-02-10 11:06:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-02-10 11:06:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-02-10 11:06:09 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-10 11:06:09 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-02-10 11:06:09 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-02-10 11:06:09 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-02-10 11:06:09 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-02-10 11:06:09 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-02-10 11:06:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-02-10 11:06:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-02-10 11:06:07 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-02-10 11:06:07 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-02-10 11:06:07 ----A---- C:\Windows\SYSWOW64\user.exe
2016-02-10 11:06:06 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-02-10 11:06:06 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-02-10 11:06:06 ----A---- C:\Windows\system32\msaudite.dll
2016-02-10 11:06:06 ----A---- C:\Windows\system32\adtschema.dll
2016-02-10 11:06:05 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-02-10 11:06:04 ----A---- C:\Windows\system32\msobjs.dll
2016-02-10 11:05:33 ----A---- C:\Windows\system32\shell32.dll
2016-02-10 11:05:29 ----A---- C:\Windows\SYSWOW64\shell32.dll
2016-02-10 11:05:29 ----A---- C:\Windows\explorer.exe
2016-02-10 11:05:27 ----A---- C:\Windows\SYSWOW64\explorer.exe
2016-02-10 11:05:27 ----A---- C:\Windows\system32\ExplorerFrame.dll
2016-02-10 11:05:27 ----A---- C:\Windows\system32\authui.dll
2016-02-10 11:05:26 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2016-02-10 11:05:26 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-02-10 00:23:42 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2016-02-10 00:23:42 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2016-02-10 00:23:42 ----A---- C:\Windows\system32\XAudio2_7.dll
2016-02-10 00:23:42 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2016-02-10 00:23:39 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2016-02-10 00:23:37 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2016-02-10 00:23:37 ----A---- C:\Windows\system32\D3DX9_43.dll
2016-02-10 00:23:36 ----A---- C:\Windows\SYSWOW64\X3DAudio1_7.dll
2016-02-10 00:23:36 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2016-02-10 00:18:28 ----D---- C:\Program Files (x86)\Farming Simulator 2015
2016-02-05 10:08:10 ----D---- C:\Users\xxx\AppData\Roaming\dvdcss
======List of files/folders modified in the last 1 month======
2016-03-04 18:40:00 ----D---- C:\Windows\Prefetch
2016-03-04 18:39:50 ----D---- C:\Windows\Temp
2016-03-04 18:39:48 ----RD---- C:\Program Files
2016-03-04 14:15:15 ----D---- C:\Windows\System32
2016-03-04 14:15:15 ----D---- C:\Windows\inf
2016-03-04 14:15:15 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-03-04 14:11:22 ----D---- C:\Windows\system32\config
2016-03-04 14:07:06 ----D---- C:\Windows\system32\drivers
2016-03-04 14:07:05 ----D---- C:\Windows
2016-03-04 14:07:04 ----SHD---- C:\Config.Msi
2016-03-04 10:36:37 ----D---- C:\Windows\system32\Tasks
2016-03-04 10:36:33 ----RD---- C:\Program Files (x86)
2016-03-04 10:36:28 ----D---- C:\Program Files\Google
2016-03-04 10:36:28 ----D---- C:\Program Files (x86)\Google
2016-03-04 10:36:25 ----SHD---- C:\Windows\Installer
2016-03-04 10:36:15 ----HD---- C:\ProgramData
2016-03-04 10:23:16 ----D---- C:\Program Files\Common Files
2016-03-04 10:23:16 ----D---- C:\Program Files (x86)\Common Files
2016-03-04 10:22:44 ----D---- C:\Windows\winsxs
2016-03-04 10:20:45 ----D---- C:\ProgramData\AVAST Software
2016-03-04 09:50:40 ----D---- C:\Users\xxx\AppData\Roaming\DAEMON Tools Lite
2016-03-04 09:44:25 ----D---- C:\Users\xxx\AppData\Roaming\Skype
2016-03-03 11:11:26 ----D---- C:\Users\xxx\AppData\Roaming\vlc
2016-03-03 10:27:21 ----SHD---- C:\System Volume Information
2016-03-01 00:29:11 ----D---- C:\ProgramData\CanonIJPLM
2016-02-29 16:23:22 ----D---- C:\Windows\twain_32
2016-02-29 16:23:22 ----D---- C:\Windows\SysWOW64
2016-02-29 16:19:04 ----D---- C:\Windows\system32\DriverStore
2016-02-28 12:41:58 ----SD---- C:\Windows\SYSWOW64\GWX
2016-02-28 12:41:58 ----SD---- C:\Windows\system32\GWX
2016-02-28 09:19:13 ----D---- C:\ProgramData\DVD Shrink
2016-02-26 10:14:57 ----D---- C:\ProgramData\Skype
2016-02-26 00:31:18 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2016-02-25 13:05:04 ----D---- C:\Windows\Microsoft.NET
2016-02-25 00:58:56 ----D---- C:\Windows\system32\catroot
2016-02-25 00:34:25 ----D---- C:\Windows\Tasks
2016-02-25 00:34:15 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-02-21 05:11:25 ----D---- C:\Windows\system32\catroot2
2016-02-20 08:56:48 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-02-19 14:35:45 ----RSD---- C:\Windows\assembly
2016-02-19 13:05:05 ----D---- C:\Program Files (x86)\SpeedFan
2016-02-14 13:45:41 ----D---- C:\Windows\rescache
2016-02-12 16:27:55 ----D---- C:\Windows\Logs
2016-02-12 16:27:55 ----D---- C:\Windows\debug
2016-02-11 00:26:39 ----D---- C:\Program Files\Windows Journal
2016-02-11 00:26:38 ----SD---- C:\Windows\system32\CompatTel
2016-02-11 00:26:38 ----D---- C:\Windows\SYSWOW64\en-US
2016-02-11 00:26:38 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-02-11 00:26:38 ----D---- C:\Windows\system32\en-US
2016-02-11 00:26:38 ----D---- C:\Windows\system32\cs-CZ
2016-02-11 00:26:38 ----D---- C:\Windows\system32\appraiser
2016-02-11 00:26:38 ----D---- C:\Windows\AppPatch
2016-02-11 00:26:38 ----D---- C:\Program Files\Internet Explorer
2016-02-11 00:26:38 ----D---- C:\Program Files (x86)\Internet Explorer
2016-02-11 00:26:22 ----D---- C:\Windows\cs-CZ
2016-02-10 19:27:49 ----D---- C:\Windows\system32\MRT
2016-02-10 19:27:49 ----A---- C:\Windows\system32\MRT.exe
2016-02-09 16:48:30 ----D---- C:\Windows\SoftwareDistribution
2016-02-09 14:19:54 ----D---- C:\Windows\Downloaded Program Files
2016-02-09 07:38:15 ----D---- C:\ProgramData\Firefly Studios
2016-02-07 15:52:53 ----D---- C:\ProgramData\AlawarWrapper
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-03-04 74544]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-03-04 287016]
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-08-23 16440]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2013-01-12 834544]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-03-04 103064]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-03-04 1065720]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-03-04 463744]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-03-04 37656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-03-04 107792]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2016-01-20 42696]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2010-04-16 6403584]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-04-16 188928]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-05-05 125456]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2011-07-01 4745280]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2015-12-20 30264]
R3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2015-12-20 46392]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-10-14 396848]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-12-22 38456]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 WinUSB;WinUSB Service; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-03-04 165344]
S2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2016-01-20 310984]
S3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 athur;Atheros AR9271 Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athurx.sys [2010-01-05 1847296]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-02-23 95760]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-04-16 6403584]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 cpuz134;cpuz134; \??\C:\Program Files (x86)\CPUID\PC Wizard 2010\pcwiz_x64.sys [2010-07-09 21480]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2010-09-17 79680]
S3 dgderdrv;dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [2010-10-25 20552]
S3 netr28ux;RT2870 USB Wireless LAN Card Driver pro systém Windows Vista; C:\Windows\system32\DRIVERS\netr28ux.sys [2009-06-10 867328]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 TFsExDisk;TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2014-08-15 54784]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-13 82128]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-04-16 202752]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-03-04 237096]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2015-09-28 25800]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2010-04-05 116104]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-05-15 76888]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\Windows\system32\vcsFPService.exe [2010-02-23 2192176]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2015-04-28 1102472]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-22 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-11-30 1368408]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-22 144200]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2016-03-04 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-01-22 114688]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-01-11 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119418
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Slow computer
Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before cleaning your PC of viruses, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
-
- Visitor
- Posts: 71
- Registered: 01 Sep 2011 16:14
Re: Slow computer
Done and restarted. It required me to restart.
Log:
# AdwCleaner v5.037 - Logfile created 04/03/2016 at 19:41:56
# Updated 28/02/2016 by Xplode
# Database : 2016-03-02.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : xxx - TAMERLINE
# Running from : C:\Users\xxx\Desktop\adwcleaner_5.037.exe
# Option : Clean
# Support : http://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
[-] Folder Deleted : C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
***** [ Files ] *****
[-] File Deleted : C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_freeradiocast.dl.myway.com_0.localstorage
[-] File Deleted : C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_freeradiocast.dl.myway.com_0.localstorage-journal
[-] File Deleted : C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_freeradiocast.dl.tb.ask.com_0.localstorage
[-] File Deleted : C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_freeradiocast.dl.tb.ask.com_0.localstorage-journal
[-] File Deleted : C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.newtabtvplussearch.com_0.localstorage
[-] File Deleted : C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.newtabtvplussearch.com_0.localstorage-journal
***** [ DLLs ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\onlinemapfinder.dl.tb.ask.com
***** [ Web browsers ] *****
*************************
:: "Tracing" keys removed
:: Winsock settings cleared
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [1857 bytes] - [04/03/2016 19:41:56]
C:\AdwCleaner\AdwCleaner[S1].txt - [1866 bytes] - [04/03/2016 19:40:22]
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [2003 bytes] ##########
- Rudy
- Site Admin
- Posts: 119418
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Slow computer
Post a new RSIT log.
-
- Visitor
- Posts: 71
- Registered: 01 Sep 2011 16:14
Re: Slow computer
Done.
Log:
Logfile of random's system information tool 1.10 (written by random/random)
Run by xxx at 2016-03-05 03:15:59
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 147 GB (31%) free of 477 GB
Total RAM: 3835 MB (68% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 3:16:01, on 5.3.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18205)
Boot mode: Normal
Running processes:
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\trend micro\xxx.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: (no name) - {9e35e959-d723-4b5f-9207-2a94f8ab9068} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: (no name) - {9e35e959-d723-4b5f-9207-2a94f8ab9068} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{89709285-5AA6-4845-8F4F-A63EEA90DA7E}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 7993 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\Hpservice.exe
atieclxx
C:\Windows\system32\vcsFPService.exe
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\System32\svchost.exe -k utcsvc
taskeng.exe {247027B1-F143-4BE5-945E-277FA7F13952}
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe"
"C:\Windows\system32\GWX\GWX.exe"
taskeng.exe {2DE0C6B8-AA48-432E-976F-018549115E52}
C:\Windows\system32\sppsvc.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"taskhost.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-0fa0d525-04b7-42ab-b942-4de7d656ce78 -SystemEventPortName:HostProcess-57bb1db7-0487-471a-a759-f14e619295f2 -IoCancelEventPortName:HostProcess-e4cd36b1-5562-4bd6-a7ec-58318f5ad89f -NonStateChangingEventPortName:HostProcess-44105b47-f2e5-4059-b1fe-756ecee14662 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:bb6491f0-7763-40be-a773-7f91f624ae28 -DeviceGroupId:WpdFsGroup
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe"
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\xxx\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\HPCeeScheduleForxxx.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForxxx (null)
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-03-04 901600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-03-04 256456]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-03-04 678656]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9e35e959-d723-4b5f-9207-2a94f8ab9068}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-03-04 194504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-03-04 256456]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{9e35e959-d723-4b5f-9207-2a94f8ab9068}
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-03-04 194504]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-10-14 2837288]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2010-03-25 2726728]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenuEx]
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [2010-04-02 1185112]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite Automount]
C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2015-11-30 4179288]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Windows\system32\NeroCheck.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-02-10 50599552]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-04-16 98304]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-03-04 7139768]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-03-04 19:40:11 ----D---- C:\AdwCleaner
2016-03-04 18:39:48 ----D---- C:\rsit
2016-03-04 18:39:48 ----D---- C:\Program Files\trend micro
2016-03-04 10:36:15 ----D---- C:\ProgramData\Google
2016-03-04 10:35:32 ----A---- C:\Windows\system32\aswBoot.exe
2016-03-04 10:23:54 ----D---- C:\Users\xxx\AppData\Roaming\AVAST Software
2016-03-04 10:23:16 ----D---- C:\Program Files\Common Files\AV
2016-03-04 10:23:04 ----A---- C:\Windows\system32\drivers\aswStm.sys
2016-03-04 10:23:03 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2016-03-04 10:23:03 ----A---- C:\Windows\system32\drivers\aswSP.sys
2016-03-04 10:23:03 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2016-03-04 10:23:03 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2016-03-04 10:23:02 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2016-03-04 10:23:02 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2016-03-04 10:23:01 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2016-03-04 10:22:19 ----A---- C:\Windows\avastSS.scr
2016-03-04 10:21:03 ----D---- C:\Program Files\AVAST Software
2016-02-29 16:34:01 ----D---- C:\ProgramData\CanonIJ
2016-02-29 16:32:51 ----HD---- C:\ProgramData\CanonIJScan
2016-02-29 16:31:35 ----D---- C:\Users\xxx\AppData\Roaming\Canon
2016-02-29 16:31:10 ----HD---- C:\ProgramData\CanonIJMyPrinter
2016-02-29 16:26:38 ----D---- C:\Program Files\Canon
2016-02-29 16:25:01 ----D---- C:\Program Files (x86)\Canon
2016-02-29 16:19:05 ----HD---- C:\Windows\system32\CanonIJ Uninstaller Information
2016-02-29 16:19:00 ----A---- C:\Windows\SYSWOW64\CNC280U.dll
2016-02-29 16:19:00 ----A---- C:\Windows\SYSWOW64\CNC280L.dll
2016-02-29 16:18:59 ----A---- C:\Windows\system32\CNC280L.dll
2016-02-29 16:18:59 ----A---- C:\Windows\system32\CNC280I.dll
2016-02-29 16:18:59 ----A---- C:\Windows\system32\CNC280C.dll
2016-02-29 16:18:07 ----A---- C:\Windows\system32\CNC280O.dll
2016-02-29 16:18:02 ----HD---- C:\Program Files\CanonBJ
2016-02-28 12:39:51 ----D---- C:\Program Files\Microsoft Silverlight
2016-02-28 12:39:51 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2016-02-28 09:14:47 ----D---- C:\Program Files (x86)\DVD Shrink
2016-02-26 10:14:52 ----RD---- C:\Program Files (x86)\Skype
2016-02-20 09:30:16 ----D---- C:\Program Files (x86)\Euro Truck Simulator 2
2016-02-19 14:55:07 ----A---- C:\Windows\system32\drivers\ntfs.sys
2016-02-19 14:55:06 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2016-02-19 14:55:06 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\system32\ucrtbase.dll
2016-02-19 14:55:06 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-02-19 14:55:04 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-02-19 14:55:04 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-02-19 14:55:04 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-02-19 14:55:04 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-02-10 13:16:25 ----D---- C:\Program Files\Farming Simulator 15
2016-02-10 11:11:50 ----A---- C:\Windows\system32\InkEd.dll
2016-02-10 11:11:49 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2016-02-10 11:11:49 ----A---- C:\Windows\system32\jnwmon.dll
2016-02-10 11:11:19 ----A---- C:\Windows\system32\invagent.dll
2016-02-10 11:11:19 ----A---- C:\Windows\system32\generaltel.dll
2016-02-10 11:11:19 ----A---- C:\Windows\system32\devinv.dll
2016-02-10 11:11:19 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-02-10 11:11:19 ----A---- C:\Windows\system32\appraiser.dll
2016-02-10 11:11:19 ----A---- C:\Windows\system32\aeinv.dll
2016-02-10 11:11:19 ----A---- C:\Windows\system32\acmigration.dll
2016-02-10 11:10:55 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-02-10 11:10:55 ----A---- C:\Windows\system32\iertutil.dll
2016-02-10 11:10:54 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-02-10 11:10:53 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-02-10 11:10:53 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-02-10 11:10:53 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-02-10 11:10:52 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-02-10 11:10:52 ----A---- C:\Windows\system32\urlmon.dll
2016-02-10 11:10:52 ----A---- C:\Windows\system32\ieui.dll
2016-02-10 11:10:52 ----A---- C:\Windows\system32\ieframe.dll
2016-02-10 11:10:51 ----A---- C:\Windows\system32\mshtml.dll
2016-02-10 11:10:51 ----A---- C:\Windows\system32\ieUnatt.exe
2016-02-10 11:10:15 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-02-10 11:10:14 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-02-10 11:10:14 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-02-10 11:10:14 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-02-10 11:10:14 ----A---- C:\Windows\system32\iernonce.dll
2016-02-10 11:10:14 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-02-10 11:10:14 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-02-10 11:10:13 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-02-10 11:10:12 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-02-10 11:10:12 ----A---- C:\Windows\system32\inseng.dll
2016-02-10 11:10:12 ----A---- C:\Windows\system32\ie4uinit.exe
2016-02-10 11:10:11 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-02-10 11:10:11 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-02-10 11:10:11 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-02-10 11:10:11 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-02-10 11:10:11 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-02-10 11:10:07 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-02-10 11:10:06 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-02-10 11:10:06 ----A---- C:\Windows\system32\occache.dll
2016-02-10 11:10:06 ----A---- C:\Windows\system32\iedkcs32.dll
2016-02-10 11:10:04 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-02-10 11:10:04 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-02-10 11:10:03 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-02-10 11:10:03 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-02-10 11:10:02 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-02-10 11:10:02 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-02-10 11:10:02 ----A---- C:\Windows\system32\msfeeds.dll
2016-02-10 11:10:02 ----A---- C:\Windows\system32\dxtrans.dll
2016-02-10 11:10:00 ----A---- C:\Windows\system32\iesetup.dll
2016-02-10 11:10:00 ----A---- C:\Windows\system32\ieapfltr.dll
2016-02-10 11:09:57 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-02-10 11:09:57 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-02-10 11:09:56 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-02-10 11:09:56 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-02-10 11:09:56 ----A---- C:\Windows\system32\vbscript.dll
2016-02-10 11:09:55 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-02-10 11:09:55 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-02-10 11:09:55 ----A---- C:\Windows\system32\jsproxy.dll
2016-02-10 11:09:54 ----A---- C:\Windows\system32\dxtmsft.dll
2016-02-10 11:09:53 ----A---- C:\Windows\system32\mshtmled.dll
2016-02-10 11:09:52 ----A---- C:\Windows\system32\webcheck.dll
2016-02-10 11:09:52 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-02-10 11:09:52 ----A---- C:\Windows\system32\jscript9diag.dll
2016-02-10 11:09:52 ----A---- C:\Windows\system32\jscript9.dll
2016-02-10 11:09:52 ----A---- C:\Windows\system32\jscript.dll
2016-02-10 11:09:51 ----A---- C:\Windows\system32\wininet.dll
2016-02-10 11:09:50 ----A---- C:\Windows\system32\msrating.dll
2016-02-10 11:09:50 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-02-10 11:08:16 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2016-02-10 11:07:52 ----A---- C:\Windows\system32\wuaueng.dll
2016-02-10 11:07:52 ----A---- C:\Windows\system32\wuapi.dll
2016-02-10 11:07:51 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2016-02-10 11:07:51 ----A---- C:\Windows\SYSWOW64\wups.dll
2016-02-10 11:07:51 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2016-02-10 11:07:51 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2016-02-10 11:07:51 ----A---- C:\Windows\system32\wuwebv.dll
2016-02-10 11:07:51 ----A---- C:\Windows\system32\wups2.dll
2016-02-10 11:07:51 ----A---- C:\Windows\system32\wups.dll
2016-02-10 11:07:51 ----A---- C:\Windows\system32\wudriver.dll
2016-02-10 11:07:51 ----A---- C:\Windows\system32\wucltux.dll
2016-02-10 11:07:51 ----A---- C:\Windows\system32\wuauclt.exe
2016-02-10 11:07:51 ----A---- C:\Windows\system32\wuapp.exe
2016-02-10 11:07:51 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2016-02-10 11:07:51 ----A---- C:\Windows\system32\WinSetupUI.dll
2016-02-10 11:07:50 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2016-02-10 11:07:20 ----A---- C:\Windows\system32\rdpudd.dll
2016-02-10 11:07:20 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2016-02-10 11:07:20 ----A---- C:\Windows\system32\rdpcorets.dll
2016-02-10 11:07:15 ----A---- C:\Windows\system32\win32k.sys
2016-02-10 11:07:06 ----A---- C:\Windows\system32\ole32.dll
2016-02-10 11:07:01 ----A---- C:\Windows\SYSWOW64\ole32.dll
2016-02-10 11:06:24 ----A---- C:\Windows\system32\EncDec.dll
2016-02-10 11:06:23 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2016-02-10 11:06:23 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2016-02-10 11:06:23 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-02-10 11:06:23 ----A---- C:\Windows\system32\CPFilters.dll
2016-02-10 11:06:22 ----A---- C:\Windows\system32\ntdll.dll
2016-02-10 11:06:22 ----A---- C:\Windows\system32\KernelBase.dll
2016-02-10 11:06:21 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-02-10 11:06:21 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-02-10 11:06:21 ----A---- C:\Windows\system32\mtxoci.dll
2016-02-10 11:06:21 ----A---- C:\Windows\system32\kerberos.dll
2016-02-10 11:06:20 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-02-10 11:06:20 ----A---- C:\Windows\system32\kernel32.dll
2016-02-10 11:06:19 ----A---- C:\Windows\SYSWOW64\mtxoci.dll
2016-02-10 11:06:19 ----A---- C:\Windows\SYSWOW64\msorcl32.dll
2016-02-10 11:06:19 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-02-10 11:06:19 ----A---- C:\Windows\system32\advapi32.dll
2016-02-10 11:06:18 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-02-10 11:06:17 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-02-10 11:06:17 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-02-10 11:06:17 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-02-10 11:06:15 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-02-10 11:06:15 ----A---- C:\Windows\system32\smss.exe
2016-02-10 11:06:15 ----A---- C:\Windows\system32\schannel.dll
2016-02-10 11:06:15 ----A---- C:\Windows\system32\rpcrt4.dll
2016-02-10 11:06:15 ----A---- C:\Windows\system32\lsasrv.dll
2016-02-10 11:06:15 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-02-10 11:06:15 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-02-10 11:06:14 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-02-10 11:06:14 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-02-10 11:06:14 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-02-10 11:06:14 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-02-10 11:06:14 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-02-10 11:06:14 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\wow64win.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\wow64cpu.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\wow64.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\winsrv.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\wdigest.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\TSpkg.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\sspisrv.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\sspicli.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\srcore.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\srclient.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\ncrypt.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\msv1_0.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\lsass.exe
2016-02-10 11:06:14 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-02-10 11:06:14 ----A---- C:\Windows\system32\csrsrv.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\cryptbase.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\conhost.exe
2016-02-10 11:06:13 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-02-10 11:06:13 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-02-10 11:06:13 ----A---- C:\Windows\system32\secur32.dll
2016-02-10 11:06:13 ----A---- C:\Windows\system32\rstrui.exe
2016-02-10 11:06:13 ----A---- C:\Windows\system32\credssp.dll
2016-02-10 11:06:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-10 11:06:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-02-10 11:06:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-10 11:06:12 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-10 11:06:12 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-02-10 11:06:12 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-02-10 11:06:12 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-02-10 11:06:12 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-02-10 11:06:12 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-02-10 11:06:12 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-02-10 11:06:12 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-02-10 11:06:12 ----A---- C:\Windows\system32\ntvdm64.dll
2016-02-10 11:06:12 ----A---- C:\Windows\system32\auditpol.exe
2016-02-10 11:06:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-02-10 11:06:11 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-02-10 11:06:11 ----A---- C:\Windows\system32\apisetschema.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-02-10 11:06:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-02-10 11:06:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-02-10 11:06:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-02-10 11:06:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-10 11:06:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-02-10 11:06:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-02-10 11:06:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-02-10 11:06:09 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-10 11:06:09 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-02-10 11:06:09 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-02-10 11:06:09 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-02-10 11:06:09 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-02-10 11:06:09 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-02-10 11:06:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-02-10 11:06:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-02-10 11:06:07 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-02-10 11:06:07 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-02-10 11:06:07 ----A---- C:\Windows\SYSWOW64\user.exe
2016-02-10 11:06:06 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-02-10 11:06:06 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-02-10 11:06:06 ----A---- C:\Windows\system32\msaudite.dll
2016-02-10 11:06:06 ----A---- C:\Windows\system32\adtschema.dll
2016-02-10 11:06:05 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-02-10 11:06:04 ----A---- C:\Windows\system32\msobjs.dll
2016-02-10 11:05:33 ----A---- C:\Windows\system32\shell32.dll
2016-02-10 11:05:29 ----A---- C:\Windows\SYSWOW64\shell32.dll
2016-02-10 11:05:29 ----A---- C:\Windows\explorer.exe
2016-02-10 11:05:27 ----A---- C:\Windows\SYSWOW64\explorer.exe
2016-02-10 11:05:27 ----A---- C:\Windows\system32\ExplorerFrame.dll
2016-02-10 11:05:27 ----A---- C:\Windows\system32\authui.dll
2016-02-10 11:05:26 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2016-02-10 11:05:26 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-02-10 00:23:42 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2016-02-10 00:23:42 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2016-02-10 00:23:42 ----A---- C:\Windows\system32\XAudio2_7.dll
2016-02-10 00:23:42 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2016-02-10 00:23:39 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2016-02-10 00:23:37 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2016-02-10 00:23:37 ----A---- C:\Windows\system32\D3DX9_43.dll
2016-02-10 00:23:36 ----A---- C:\Windows\SYSWOW64\X3DAudio1_7.dll
2016-02-10 00:23:36 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2016-02-10 00:18:28 ----D---- C:\Program Files (x86)\Farming Simulator 2015
======List of files/folders modified in the last 1 month======
2016-03-05 03:15:38 ----D---- C:\Windows\Prefetch
2016-03-05 03:13:34 ----D---- C:\Windows\Temp
2016-03-04 20:04:20 ----D---- C:\Windows\system32\config
2016-03-04 19:48:31 ----D---- C:\Windows\System32
2016-03-04 19:48:31 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-03-04 19:48:30 ----D---- C:\Windows\inf
2016-03-04 19:41:56 ----HD---- C:\ProgramData
2016-03-04 18:39:48 ----RD---- C:\Program Files
2016-03-04 14:07:06 ----D---- C:\Windows\system32\drivers
2016-03-04 14:07:05 ----D---- C:\Windows
2016-03-04 14:07:04 ----SHD---- C:\Config.Msi
2016-03-04 10:36:37 ----D---- C:\Windows\system32\Tasks
2016-03-04 10:36:33 ----RD---- C:\Program Files (x86)
2016-03-04 10:36:28 ----D---- C:\Program Files\Google
2016-03-04 10:36:28 ----D---- C:\Program Files (x86)\Google
2016-03-04 10:36:25 ----SHD---- C:\Windows\Installer
2016-03-04 10:23:16 ----D---- C:\Program Files\Common Files
2016-03-04 10:23:16 ----D---- C:\Program Files (x86)\Common Files
2016-03-04 10:22:44 ----D---- C:\Windows\winsxs
2016-03-04 10:20:45 ----D---- C:\ProgramData\AVAST Software
2016-03-04 09:50:40 ----D---- C:\Users\xxx\AppData\Roaming\DAEMON Tools Lite
2016-03-04 09:44:25 ----D---- C:\Users\xxx\AppData\Roaming\Skype
2016-03-03 11:11:26 ----D---- C:\Users\xxx\AppData\Roaming\vlc
2016-03-03 10:27:21 ----SHD---- C:\System Volume Information
2016-03-02 10:16:55 ----D---- C:\Users\xxx\AppData\Roaming\dvdcss
2016-03-01 00:29:11 ----D---- C:\ProgramData\CanonIJPLM
2016-02-29 16:23:22 ----D---- C:\Windows\twain_32
2016-02-29 16:23:22 ----D---- C:\Windows\SysWOW64
2016-02-29 16:19:04 ----D---- C:\Windows\system32\DriverStore
2016-02-28 12:41:58 ----SD---- C:\Windows\SYSWOW64\GWX
2016-02-28 12:41:58 ----SD---- C:\Windows\system32\GWX
2016-02-28 09:19:13 ----D---- C:\ProgramData\DVD Shrink
2016-02-26 10:14:57 ----D---- C:\ProgramData\Skype
2016-02-26 00:31:18 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2016-02-25 13:05:04 ----D---- C:\Windows\Microsoft.NET
2016-02-25 00:58:56 ----D---- C:\Windows\system32\catroot
2016-02-25 00:34:25 ----D---- C:\Windows\Tasks
2016-02-25 00:34:15 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-02-21 05:11:25 ----D---- C:\Windows\system32\catroot2
2016-02-20 08:56:48 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-02-19 14:35:45 ----RSD---- C:\Windows\assembly
2016-02-19 13:05:05 ----D---- C:\Program Files (x86)\SpeedFan
2016-02-14 13:45:41 ----D---- C:\Windows\rescache
2016-02-12 16:27:55 ----D---- C:\Windows\Logs
2016-02-12 16:27:55 ----D---- C:\Windows\debug
2016-02-11 00:26:39 ----D---- C:\Program Files\Windows Journal
2016-02-11 00:26:38 ----SD---- C:\Windows\system32\CompatTel
2016-02-11 00:26:38 ----D---- C:\Windows\SYSWOW64\en-US
2016-02-11 00:26:38 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-02-11 00:26:38 ----D---- C:\Windows\system32\en-US
2016-02-11 00:26:38 ----D---- C:\Windows\system32\cs-CZ
2016-02-11 00:26:38 ----D---- C:\Windows\system32\appraiser
2016-02-11 00:26:38 ----D---- C:\Windows\AppPatch
2016-02-11 00:26:38 ----D---- C:\Program Files\Internet Explorer
2016-02-11 00:26:38 ----D---- C:\Program Files (x86)\Internet Explorer
2016-02-11 00:26:22 ----D---- C:\Windows\cs-CZ
2016-02-10 19:27:49 ----D---- C:\Windows\system32\MRT
2016-02-10 19:27:49 ----A---- C:\Windows\system32\MRT.exe
2016-02-09 16:48:30 ----D---- C:\Windows\SoftwareDistribution
2016-02-09 14:19:54 ----D---- C:\Windows\Downloaded Program Files
2016-02-09 07:38:15 ----D---- C:\ProgramData\Firefly Studios
2016-02-07 15:52:53 ----D---- C:\ProgramData\AlawarWrapper
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-03-04 74544]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-03-04 287016]
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-08-23 16440]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2013-01-12 834544]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-03-04 103064]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-03-04 1065720]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-03-04 463744]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-03-04 37656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-03-04 107792]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2016-01-20 42696]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2010-04-16 6403584]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-04-16 188928]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-05-05 125456]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2011-07-01 4745280]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2015-12-20 30264]
R3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2015-12-20 46392]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-10-14 396848]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-12-22 38456]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 WinUSB;WinUSB Service; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-03-04 165344]
S2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2016-01-20 310984]
S3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 athur;Atheros AR9271 Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athurx.sys [2010-01-05 1847296]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-02-23 95760]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-04-16 6403584]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 cpuz134;cpuz134; \??\C:\Program Files (x86)\CPUID\PC Wizard 2010\pcwiz_x64.sys [2010-07-09 21480]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2010-09-17 79680]
S3 dgderdrv;dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [2010-10-25 20552]
S3 netr28ux;RT2870 USB Wireless LAN Card Driver pro systém Windows Vista; C:\Windows\system32\DRIVERS\netr28ux.sys [2009-06-10 867328]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 TFsExDisk;TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2014-08-15 54784]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-13 82128]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-04-16 202752]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-03-04 237096]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2015-09-28 25800]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2010-04-05 116104]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-05-15 76888]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\Windows\system32\vcsFPService.exe [2010-02-23 2192176]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-22 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-11-30 1368408]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-22 144200]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2016-03-04 194032]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2015-04-28 1102472]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-01-22 114688]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-01-11 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
-----------------EOF-----------------
Log:
Logfile of random's system information tool 1.10 (written by random/random)
Run by xxx at 2016-03-05 03:15:59
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 147 GB (31%) free of 477 GB
Total RAM: 3835 MB (68% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 3:16:01, on 5.3.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18205)
Boot mode: Normal
Running processes:
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\trend micro\xxx.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: (no name) - {9e35e959-d723-4b5f-9207-2a94f8ab9068} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: (no name) - {9e35e959-d723-4b5f-9207-2a94f8ab9068} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{89709285-5AA6-4845-8F4F-A63EEA90DA7E}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 7993 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\Hpservice.exe
atieclxx
C:\Windows\system32\vcsFPService.exe
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\System32\svchost.exe -k utcsvc
taskeng.exe {247027B1-F143-4BE5-945E-277FA7F13952}
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe"
"C:\Windows\system32\GWX\GWX.exe"
taskeng.exe {2DE0C6B8-AA48-432E-976F-018549115E52}
C:\Windows\system32\sppsvc.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"taskhost.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-0fa0d525-04b7-42ab-b942-4de7d656ce78 -SystemEventPortName:HostProcess-57bb1db7-0487-471a-a759-f14e619295f2 -IoCancelEventPortName:HostProcess-e4cd36b1-5562-4bd6-a7ec-58318f5ad89f -NonStateChangingEventPortName:HostProcess-44105b47-f2e5-4059-b1fe-756ecee14662 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:bb6491f0-7763-40be-a773-7f91f624ae28 -DeviceGroupId:WpdFsGroup
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe"
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\xxx\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\HPCeeScheduleForxxx.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForxxx (null)
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-03-04 901600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-03-04 256456]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-03-04 678656]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9e35e959-d723-4b5f-9207-2a94f8ab9068}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-03-04 194504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-03-04 256456]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{9e35e959-d723-4b5f-9207-2a94f8ab9068}
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-03-04 194504]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-10-14 2837288]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2010-03-25 2726728]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenuEx]
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [2010-04-02 1185112]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite Automount]
C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2015-11-30 4179288]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Windows\system32\NeroCheck.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-02-10 50599552]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-04-16 98304]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-03-04 7139768]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-03-04 19:40:11 ----D---- C:\AdwCleaner
2016-03-04 18:39:48 ----D---- C:\rsit
2016-03-04 18:39:48 ----D---- C:\Program Files\trend micro
2016-03-04 10:36:15 ----D---- C:\ProgramData\Google
2016-03-04 10:35:32 ----A---- C:\Windows\system32\aswBoot.exe
2016-03-04 10:23:54 ----D---- C:\Users\xxx\AppData\Roaming\AVAST Software
2016-03-04 10:23:16 ----D---- C:\Program Files\Common Files\AV
2016-03-04 10:23:04 ----A---- C:\Windows\system32\drivers\aswStm.sys
2016-03-04 10:23:03 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2016-03-04 10:23:03 ----A---- C:\Windows\system32\drivers\aswSP.sys
2016-03-04 10:23:03 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2016-03-04 10:23:03 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2016-03-04 10:23:02 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2016-03-04 10:23:02 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2016-03-04 10:23:01 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2016-03-04 10:22:19 ----A---- C:\Windows\avastSS.scr
2016-03-04 10:21:03 ----D---- C:\Program Files\AVAST Software
2016-02-29 16:34:01 ----D---- C:\ProgramData\CanonIJ
2016-02-29 16:32:51 ----HD---- C:\ProgramData\CanonIJScan
2016-02-29 16:31:35 ----D---- C:\Users\xxx\AppData\Roaming\Canon
2016-02-29 16:31:10 ----HD---- C:\ProgramData\CanonIJMyPrinter
2016-02-29 16:26:38 ----D---- C:\Program Files\Canon
2016-02-29 16:25:01 ----D---- C:\Program Files (x86)\Canon
2016-02-29 16:19:05 ----HD---- C:\Windows\system32\CanonIJ Uninstaller Information
2016-02-29 16:19:00 ----A---- C:\Windows\SYSWOW64\CNC280U.dll
2016-02-29 16:19:00 ----A---- C:\Windows\SYSWOW64\CNC280L.dll
2016-02-29 16:18:59 ----A---- C:\Windows\system32\CNC280L.dll
2016-02-29 16:18:59 ----A---- C:\Windows\system32\CNC280I.dll
2016-02-29 16:18:59 ----A---- C:\Windows\system32\CNC280C.dll
2016-02-29 16:18:07 ----A---- C:\Windows\system32\CNC280O.dll
2016-02-29 16:18:02 ----HD---- C:\Program Files\CanonBJ
2016-02-28 12:39:51 ----D---- C:\Program Files\Microsoft Silverlight
2016-02-28 12:39:51 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2016-02-28 09:14:47 ----D---- C:\Program Files (x86)\DVD Shrink
2016-02-26 10:14:52 ----RD---- C:\Program Files (x86)\Skype
2016-02-20 09:30:16 ----D---- C:\Program Files (x86)\Euro Truck Simulator 2
2016-02-19 14:55:07 ----A---- C:\Windows\system32\drivers\ntfs.sys
2016-02-19 14:55:06 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2016-02-19 14:55:06 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\system32\ucrtbase.dll
2016-02-19 14:55:06 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-02-19 14:55:04 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-02-19 14:55:04 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-02-19 14:55:04 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-02-19 14:55:04 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-02-10 13:16:25 ----D---- C:\Program Files\Farming Simulator 15
2016-02-10 11:11:50 ----A---- C:\Windows\system32\InkEd.dll
2016-02-10 11:11:49 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2016-02-10 11:11:49 ----A---- C:\Windows\system32\jnwmon.dll
2016-02-10 11:11:19 ----A---- C:\Windows\system32\invagent.dll
2016-02-10 11:11:19 ----A---- C:\Windows\system32\generaltel.dll
2016-02-10 11:11:19 ----A---- C:\Windows\system32\devinv.dll
2016-02-10 11:11:19 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-02-10 11:11:19 ----A---- C:\Windows\system32\appraiser.dll
2016-02-10 11:11:19 ----A---- C:\Windows\system32\aeinv.dll
2016-02-10 11:11:19 ----A---- C:\Windows\system32\acmigration.dll
2016-02-10 11:10:55 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-02-10 11:10:55 ----A---- C:\Windows\system32\iertutil.dll
2016-02-10 11:10:54 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-02-10 11:10:53 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-02-10 11:10:53 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-02-10 11:10:53 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-02-10 11:10:52 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-02-10 11:10:52 ----A---- C:\Windows\system32\urlmon.dll
2016-02-10 11:10:52 ----A---- C:\Windows\system32\ieui.dll
2016-02-10 11:10:52 ----A---- C:\Windows\system32\ieframe.dll
2016-02-10 11:10:51 ----A---- C:\Windows\system32\mshtml.dll
2016-02-10 11:10:51 ----A---- C:\Windows\system32\ieUnatt.exe
2016-02-10 11:10:15 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-02-10 11:10:14 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-02-10 11:10:14 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-02-10 11:10:14 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-02-10 11:10:14 ----A---- C:\Windows\system32\iernonce.dll
2016-02-10 11:10:14 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-02-10 11:10:14 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-02-10 11:10:13 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-02-10 11:10:12 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-02-10 11:10:12 ----A---- C:\Windows\system32\inseng.dll
2016-02-10 11:10:12 ----A---- C:\Windows\system32\ie4uinit.exe
2016-02-10 11:10:11 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-02-10 11:10:11 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-02-10 11:10:11 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-02-10 11:10:11 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-02-10 11:10:11 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-02-10 11:10:07 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-02-10 11:10:06 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-02-10 11:10:06 ----A---- C:\Windows\system32\occache.dll
2016-02-10 11:10:06 ----A---- C:\Windows\system32\iedkcs32.dll
2016-02-10 11:10:04 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-02-10 11:10:04 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-02-10 11:10:03 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-02-10 11:10:03 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-02-10 11:10:02 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-02-10 11:10:02 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-02-10 11:10:02 ----A---- C:\Windows\system32\msfeeds.dll
2016-02-10 11:10:02 ----A---- C:\Windows\system32\dxtrans.dll
2016-02-10 11:10:00 ----A---- C:\Windows\system32\iesetup.dll
2016-02-10 11:10:00 ----A---- C:\Windows\system32\ieapfltr.dll
2016-02-10 11:09:57 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-02-10 11:09:57 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-02-10 11:09:56 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-02-10 11:09:56 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-02-10 11:09:56 ----A---- C:\Windows\system32\vbscript.dll
2016-02-10 11:09:55 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-02-10 11:09:55 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-02-10 11:09:55 ----A---- C:\Windows\system32\jsproxy.dll
2016-02-10 11:09:54 ----A---- C:\Windows\system32\dxtmsft.dll
2016-02-10 11:09:53 ----A---- C:\Windows\system32\mshtmled.dll
2016-02-10 11:09:52 ----A---- C:\Windows\system32\webcheck.dll
2016-02-10 11:09:52 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-02-10 11:09:52 ----A---- C:\Windows\system32\jscript9diag.dll
2016-02-10 11:09:52 ----A---- C:\Windows\system32\jscript9.dll
2016-02-10 11:09:52 ----A---- C:\Windows\system32\jscript.dll
2016-02-10 11:09:51 ----A---- C:\Windows\system32\wininet.dll
2016-02-10 11:09:50 ----A---- C:\Windows\system32\msrating.dll
2016-02-10 11:09:50 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-02-10 11:08:16 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2016-02-10 11:07:52 ----A---- C:\Windows\system32\wuaueng.dll
2016-02-10 11:07:52 ----A---- C:\Windows\system32\wuapi.dll
2016-02-10 11:07:51 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2016-02-10 11:07:51 ----A---- C:\Windows\SYSWOW64\wups.dll
2016-02-10 11:07:51 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2016-02-10 11:07:51 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2016-02-10 11:07:51 ----A---- C:\Windows\system32\wuwebv.dll
2016-02-10 11:07:51 ----A---- C:\Windows\system32\wups2.dll
2016-02-10 11:07:51 ----A---- C:\Windows\system32\wups.dll
2016-02-10 11:07:51 ----A---- C:\Windows\system32\wudriver.dll
2016-02-10 11:07:51 ----A---- C:\Windows\system32\wucltux.dll
2016-02-10 11:07:51 ----A---- C:\Windows\system32\wuauclt.exe
2016-02-10 11:07:51 ----A---- C:\Windows\system32\wuapp.exe
2016-02-10 11:07:51 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2016-02-10 11:07:51 ----A---- C:\Windows\system32\WinSetupUI.dll
2016-02-10 11:07:50 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2016-02-10 11:07:20 ----A---- C:\Windows\system32\rdpudd.dll
2016-02-10 11:07:20 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2016-02-10 11:07:20 ----A---- C:\Windows\system32\rdpcorets.dll
2016-02-10 11:07:15 ----A---- C:\Windows\system32\win32k.sys
2016-02-10 11:07:06 ----A---- C:\Windows\system32\ole32.dll
2016-02-10 11:07:01 ----A---- C:\Windows\SYSWOW64\ole32.dll
2016-02-10 11:06:24 ----A---- C:\Windows\system32\EncDec.dll
2016-02-10 11:06:23 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2016-02-10 11:06:23 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2016-02-10 11:06:23 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-02-10 11:06:23 ----A---- C:\Windows\system32\CPFilters.dll
2016-02-10 11:06:22 ----A---- C:\Windows\system32\ntdll.dll
2016-02-10 11:06:22 ----A---- C:\Windows\system32\KernelBase.dll
2016-02-10 11:06:21 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-02-10 11:06:21 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-02-10 11:06:21 ----A---- C:\Windows\system32\mtxoci.dll
2016-02-10 11:06:21 ----A---- C:\Windows\system32\kerberos.dll
2016-02-10 11:06:20 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-02-10 11:06:20 ----A---- C:\Windows\system32\kernel32.dll
2016-02-10 11:06:19 ----A---- C:\Windows\SYSWOW64\mtxoci.dll
2016-02-10 11:06:19 ----A---- C:\Windows\SYSWOW64\msorcl32.dll
2016-02-10 11:06:19 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-02-10 11:06:19 ----A---- C:\Windows\system32\advapi32.dll
2016-02-10 11:06:18 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-02-10 11:06:17 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-02-10 11:06:17 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-02-10 11:06:17 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-02-10 11:06:15 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-02-10 11:06:15 ----A---- C:\Windows\system32\smss.exe
2016-02-10 11:06:15 ----A---- C:\Windows\system32\schannel.dll
2016-02-10 11:06:15 ----A---- C:\Windows\system32\rpcrt4.dll
2016-02-10 11:06:15 ----A---- C:\Windows\system32\lsasrv.dll
2016-02-10 11:06:15 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-02-10 11:06:15 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-02-10 11:06:14 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-02-10 11:06:14 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-02-10 11:06:14 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-02-10 11:06:14 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-02-10 11:06:14 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-02-10 11:06:14 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\wow64win.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\wow64cpu.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\wow64.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\winsrv.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\wdigest.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\TSpkg.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\sspisrv.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\sspicli.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\srcore.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\srclient.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\ncrypt.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\msv1_0.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\lsass.exe
2016-02-10 11:06:14 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-02-10 11:06:14 ----A---- C:\Windows\system32\csrsrv.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\cryptbase.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\conhost.exe
2016-02-10 11:06:13 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-02-10 11:06:13 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-02-10 11:06:13 ----A---- C:\Windows\system32\secur32.dll
2016-02-10 11:06:13 ----A---- C:\Windows\system32\rstrui.exe
2016-02-10 11:06:13 ----A---- C:\Windows\system32\credssp.dll
2016-02-10 11:06:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-10 11:06:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-02-10 11:06:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-10 11:06:12 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-10 11:06:12 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-02-10 11:06:12 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-02-10 11:06:12 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-02-10 11:06:12 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-02-10 11:06:12 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-02-10 11:06:12 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-02-10 11:06:12 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-02-10 11:06:12 ----A---- C:\Windows\system32\ntvdm64.dll
2016-02-10 11:06:12 ----A---- C:\Windows\system32\auditpol.exe
2016-02-10 11:06:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-02-10 11:06:11 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-02-10 11:06:11 ----A---- C:\Windows\system32\apisetschema.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-02-10 11:06:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-02-10 11:06:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-02-10 11:06:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-02-10 11:06:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-10 11:06:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-02-10 11:06:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-02-10 11:06:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-02-10 11:06:09 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-10 11:06:09 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-02-10 11:06:09 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-02-10 11:06:09 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-02-10 11:06:09 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-02-10 11:06:09 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-02-10 11:06:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-02-10 11:06:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-02-10 11:06:07 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-02-10 11:06:07 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-02-10 11:06:07 ----A---- C:\Windows\SYSWOW64\user.exe
2016-02-10 11:06:06 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-02-10 11:06:06 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-02-10 11:06:06 ----A---- C:\Windows\system32\msaudite.dll
2016-02-10 11:06:06 ----A---- C:\Windows\system32\adtschema.dll
2016-02-10 11:06:05 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-02-10 11:06:04 ----A---- C:\Windows\system32\msobjs.dll
2016-02-10 11:05:33 ----A---- C:\Windows\system32\shell32.dll
2016-02-10 11:05:29 ----A---- C:\Windows\SYSWOW64\shell32.dll
2016-02-10 11:05:29 ----A---- C:\Windows\explorer.exe
2016-02-10 11:05:27 ----A---- C:\Windows\SYSWOW64\explorer.exe
2016-02-10 11:05:27 ----A---- C:\Windows\system32\ExplorerFrame.dll
2016-02-10 11:05:27 ----A---- C:\Windows\system32\authui.dll
2016-02-10 11:05:26 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2016-02-10 11:05:26 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-02-10 00:23:42 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2016-02-10 00:23:42 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2016-02-10 00:23:42 ----A---- C:\Windows\system32\XAudio2_7.dll
2016-02-10 00:23:42 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2016-02-10 00:23:39 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2016-02-10 00:23:37 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2016-02-10 00:23:37 ----A---- C:\Windows\system32\D3DX9_43.dll
2016-02-10 00:23:36 ----A---- C:\Windows\SYSWOW64\X3DAudio1_7.dll
2016-02-10 00:23:36 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2016-02-10 00:18:28 ----D---- C:\Program Files (x86)\Farming Simulator 2015
======List of files/folders modified in the last 1 month======
2016-03-05 03:15:38 ----D---- C:\Windows\Prefetch
2016-03-05 03:13:34 ----D---- C:\Windows\Temp
2016-03-04 20:04:20 ----D---- C:\Windows\system32\config
2016-03-04 19:48:31 ----D---- C:\Windows\System32
2016-03-04 19:48:31 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-03-04 19:48:30 ----D---- C:\Windows\inf
2016-03-04 19:41:56 ----HD---- C:\ProgramData
2016-03-04 18:39:48 ----RD---- C:\Program Files
2016-03-04 14:07:06 ----D---- C:\Windows\system32\drivers
2016-03-04 14:07:05 ----D---- C:\Windows
2016-03-04 14:07:04 ----SHD---- C:\Config.Msi
2016-03-04 10:36:37 ----D---- C:\Windows\system32\Tasks
2016-03-04 10:36:33 ----RD---- C:\Program Files (x86)
2016-03-04 10:36:28 ----D---- C:\Program Files\Google
2016-03-04 10:36:28 ----D---- C:\Program Files (x86)\Google
2016-03-04 10:36:25 ----SHD---- C:\Windows\Installer
2016-03-04 10:23:16 ----D---- C:\Program Files\Common Files
2016-03-04 10:23:16 ----D---- C:\Program Files (x86)\Common Files
2016-03-04 10:22:44 ----D---- C:\Windows\winsxs
2016-03-04 10:20:45 ----D---- C:\ProgramData\AVAST Software
2016-03-04 09:50:40 ----D---- C:\Users\xxx\AppData\Roaming\DAEMON Tools Lite
2016-03-04 09:44:25 ----D---- C:\Users\xxx\AppData\Roaming\Skype
2016-03-03 11:11:26 ----D---- C:\Users\xxx\AppData\Roaming\vlc
2016-03-03 10:27:21 ----SHD---- C:\System Volume Information
2016-03-02 10:16:55 ----D---- C:\Users\xxx\AppData\Roaming\dvdcss
2016-03-01 00:29:11 ----D---- C:\ProgramData\CanonIJPLM
2016-02-29 16:23:22 ----D---- C:\Windows\twain_32
2016-02-29 16:23:22 ----D---- C:\Windows\SysWOW64
2016-02-29 16:19:04 ----D---- C:\Windows\system32\DriverStore
2016-02-28 12:41:58 ----SD---- C:\Windows\SYSWOW64\GWX
2016-02-28 12:41:58 ----SD---- C:\Windows\system32\GWX
2016-02-28 09:19:13 ----D---- C:\ProgramData\DVD Shrink
2016-02-26 10:14:57 ----D---- C:\ProgramData\Skype
2016-02-26 00:31:18 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2016-02-25 13:05:04 ----D---- C:\Windows\Microsoft.NET
2016-02-25 00:58:56 ----D---- C:\Windows\system32\catroot
2016-02-25 00:34:25 ----D---- C:\Windows\Tasks
2016-02-25 00:34:15 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-02-21 05:11:25 ----D---- C:\Windows\system32\catroot2
2016-02-20 08:56:48 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-02-19 14:35:45 ----RSD---- C:\Windows\assembly
2016-02-19 13:05:05 ----D---- C:\Program Files (x86)\SpeedFan
2016-02-14 13:45:41 ----D---- C:\Windows\rescache
2016-02-12 16:27:55 ----D---- C:\Windows\Logs
2016-02-12 16:27:55 ----D---- C:\Windows\debug
2016-02-11 00:26:39 ----D---- C:\Program Files\Windows Journal
2016-02-11 00:26:38 ----SD---- C:\Windows\system32\CompatTel
2016-02-11 00:26:38 ----D---- C:\Windows\SYSWOW64\en-US
2016-02-11 00:26:38 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-02-11 00:26:38 ----D---- C:\Windows\system32\en-US
2016-02-11 00:26:38 ----D---- C:\Windows\system32\cs-CZ
2016-02-11 00:26:38 ----D---- C:\Windows\system32\appraiser
2016-02-11 00:26:38 ----D---- C:\Windows\AppPatch
2016-02-11 00:26:38 ----D---- C:\Program Files\Internet Explorer
2016-02-11 00:26:38 ----D---- C:\Program Files (x86)\Internet Explorer
2016-02-11 00:26:22 ----D---- C:\Windows\cs-CZ
2016-02-10 19:27:49 ----D---- C:\Windows\system32\MRT
2016-02-10 19:27:49 ----A---- C:\Windows\system32\MRT.exe
2016-02-09 16:48:30 ----D---- C:\Windows\SoftwareDistribution
2016-02-09 14:19:54 ----D---- C:\Windows\Downloaded Program Files
2016-02-09 07:38:15 ----D---- C:\ProgramData\Firefly Studios
2016-02-07 15:52:53 ----D---- C:\ProgramData\AlawarWrapper
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-03-04 74544]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-03-04 287016]
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-08-23 16440]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2013-01-12 834544]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-03-04 103064]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-03-04 1065720]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-03-04 463744]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-03-04 37656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-03-04 107792]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2016-01-20 42696]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2010-04-16 6403584]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-04-16 188928]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-05-05 125456]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2011-07-01 4745280]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2015-12-20 30264]
R3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2015-12-20 46392]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-10-14 396848]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-12-22 38456]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 WinUSB;WinUSB Service; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-03-04 165344]
S2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2016-01-20 310984]
S3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 athur;Atheros AR9271 Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athurx.sys [2010-01-05 1847296]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-02-23 95760]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-04-16 6403584]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 cpuz134;cpuz134; \??\C:\Program Files (x86)\CPUID\PC Wizard 2010\pcwiz_x64.sys [2010-07-09 21480]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2010-09-17 79680]
S3 dgderdrv;dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [2010-10-25 20552]
S3 netr28ux;RT2870 USB Wireless LAN Card Driver pro systém Windows Vista; C:\Windows\system32\DRIVERS\netr28ux.sys [2009-06-10 867328]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 TFsExDisk;TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2014-08-15 54784]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-13 82128]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-04-16 202752]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-03-04 237096]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2015-09-28 25800]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2010-04-05 116104]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-05-15 76888]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\Windows\system32\vcsFPService.exe [2010-02-23 2192176]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-22 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-11-30 1368408]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-22 144200]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2016-03-04 194032]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2015-04-28 1102472]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-01-22 114688]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-01-11 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119418
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Slow computer
Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to your desktop. Run it and copy the following into the left-hand window:
:files
C:\Program Files (x86)\Google\Google Toolbar
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9e35e959-d723-4b5f-9207-2a94f8ab9068}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]/64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]/64
:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. Turn off your antivirus before the scan and restart the PC after it. Post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is solved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
-
- Visitor
- Posts: 71
- Registered: 01 Sep 2011 16:14
Re: Slow computer
Done.
RSIT log:
Logfile of random's system information tool 1.10 (written by random/random)
Run by xxx at 2016-03-05 14:18:28
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 148 GB (31%) free of 477 GB
Total RAM: 3835 MB (69% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:18:31, on 5.3.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18205)
Boot mode: Normal
Running processes:
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\trend micro\xxx.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{89709285-5AA6-4845-8F4F-A63EEA90DA7E}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 7561 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\Hpservice.exe
atieclxx
C:\Windows\system32\vcsFPService.exe
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
taskeng.exe {655C74E4-620C-49A2-AC83-3CDB46103A91}
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k bthsvcs
"taskhost.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-ac7c0ac6-fa60-4178-b1f8-59c1e76d4955 -SystemEventPortName:HostProcess-1a5e54d5-fbe8-417d-a650-6f48e5121394 -IoCancelEventPortName:HostProcess-1b239f48-82e2-45da-b1a8-9b876ae3234f -NonStateChangingEventPortName:HostProcess-ea9106cc-e6d3-4a78-baf8-6dc533ce5905 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:539fd193-3c95-4591-98cb-b04f78f2f41c -DeviceGroupId:WpdFsGroup
"C:\Windows\system32\GWX\GWX.exe"
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
taskeng.exe {5BE555E1-C32C-4C53-A360-2AFDDB372B32}
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Windows\system32\SearchFilterHost.exe" 0 524 528 536 65536 532
"C:\Users\xxx\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\Windows\tasks\HPCeeScheduleForxxx.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForxxx (null)
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-03-04 901600]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-03-04 678656]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-10-14 2837288]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2010-03-25 2726728]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenuEx]
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [2010-04-02 1185112]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite Automount]
C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2015-11-30 4179288]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-02-10 50599552]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-04-16 98304]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-03-04 7139768]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-03-05 14:12:19 ----D---- C:\_OTM
2016-03-04 19:40:11 ----D---- C:\AdwCleaner
2016-03-04 18:39:48 ----D---- C:\rsit
2016-03-04 18:39:48 ----D---- C:\Program Files\trend micro
2016-03-04 10:36:15 ----D---- C:\ProgramData\Google
2016-03-04 10:35:32 ----A---- C:\Windows\system32\aswBoot.exe
2016-03-04 10:23:54 ----D---- C:\Users\xxx\AppData\Roaming\AVAST Software
2016-03-04 10:23:16 ----D---- C:\Program Files\Common Files\AV
2016-03-04 10:23:04 ----A---- C:\Windows\system32\drivers\aswStm.sys
2016-03-04 10:23:03 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2016-03-04 10:23:03 ----A---- C:\Windows\system32\drivers\aswSP.sys
2016-03-04 10:23:03 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2016-03-04 10:23:03 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2016-03-04 10:23:02 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2016-03-04 10:23:02 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2016-03-04 10:23:01 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2016-03-04 10:22:19 ----A---- C:\Windows\avastSS.scr
2016-03-04 10:21:03 ----D---- C:\Program Files\AVAST Software
2016-02-29 16:34:01 ----D---- C:\ProgramData\CanonIJ
2016-02-29 16:32:51 ----HD---- C:\ProgramData\CanonIJScan
2016-02-29 16:31:35 ----D---- C:\Users\xxx\AppData\Roaming\Canon
2016-02-29 16:31:10 ----HD---- C:\ProgramData\CanonIJMyPrinter
2016-02-29 16:26:38 ----D---- C:\Program Files\Canon
2016-02-29 16:25:01 ----D---- C:\Program Files (x86)\Canon
2016-02-29 16:19:05 ----HD---- C:\Windows\system32\CanonIJ Uninstaller Information
2016-02-29 16:19:00 ----A---- C:\Windows\SYSWOW64\CNC280U.dll
2016-02-29 16:19:00 ----A---- C:\Windows\SYSWOW64\CNC280L.dll
2016-02-29 16:18:59 ----A---- C:\Windows\system32\CNC280L.dll
2016-02-29 16:18:59 ----A---- C:\Windows\system32\CNC280I.dll
2016-02-29 16:18:59 ----A---- C:\Windows\system32\CNC280C.dll
2016-02-29 16:18:07 ----A---- C:\Windows\system32\CNC280O.dll
2016-02-29 16:18:02 ----HD---- C:\Program Files\CanonBJ
2016-02-28 12:39:51 ----D---- C:\Program Files\Microsoft Silverlight
2016-02-28 12:39:51 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2016-02-28 09:14:47 ----D---- C:\Program Files (x86)\DVD Shrink
2016-02-26 10:14:52 ----RD---- C:\Program Files (x86)\Skype
2016-02-20 09:30:16 ----D---- C:\Program Files (x86)\Euro Truck Simulator 2
2016-02-19 14:55:07 ----A---- C:\Windows\system32\drivers\ntfs.sys
2016-02-19 14:55:06 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2016-02-19 14:55:06 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\system32\ucrtbase.dll
2016-02-19 14:55:06 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-02-19 14:55:04 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-02-19 14:55:04 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-02-19 14:55:04 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-02-19 14:55:04 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-02-10 13:16:25 ----D---- C:\Program Files\Farming Simulator 15
2016-02-10 11:11:50 ----A---- C:\Windows\system32\InkEd.dll
2016-02-10 11:11:49 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2016-02-10 11:11:49 ----A---- C:\Windows\system32\jnwmon.dll
2016-02-10 11:11:19 ----A---- C:\Windows\system32\invagent.dll
2016-02-10 11:11:19 ----A---- C:\Windows\system32\generaltel.dll
2016-02-10 11:11:19 ----A---- C:\Windows\system32\devinv.dll
2016-02-10 11:11:19 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-02-10 11:11:19 ----A---- C:\Windows\system32\appraiser.dll
2016-02-10 11:11:19 ----A---- C:\Windows\system32\aeinv.dll
2016-02-10 11:11:19 ----A---- C:\Windows\system32\acmigration.dll
2016-02-10 11:10:55 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-02-10 11:10:55 ----A---- C:\Windows\system32\iertutil.dll
2016-02-10 11:10:54 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-02-10 11:10:53 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-02-10 11:10:53 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-02-10 11:10:53 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-02-10 11:10:52 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-02-10 11:10:52 ----A---- C:\Windows\system32\urlmon.dll
2016-02-10 11:10:52 ----A---- C:\Windows\system32\ieui.dll
2016-02-10 11:10:52 ----A---- C:\Windows\system32\ieframe.dll
2016-02-10 11:10:51 ----A---- C:\Windows\system32\mshtml.dll
2016-02-10 11:10:51 ----A---- C:\Windows\system32\ieUnatt.exe
2016-02-10 11:10:15 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-02-10 11:10:14 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-02-10 11:10:14 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-02-10 11:10:14 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-02-10 11:10:14 ----A---- C:\Windows\system32\iernonce.dll
2016-02-10 11:10:14 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-02-10 11:10:14 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-02-10 11:10:13 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-02-10 11:10:12 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-02-10 11:10:12 ----A---- C:\Windows\system32\inseng.dll
2016-02-10 11:10:12 ----A---- C:\Windows\system32\ie4uinit.exe
2016-02-10 11:10:11 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-02-10 11:10:11 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-02-10 11:10:11 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-02-10 11:10:11 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-02-10 11:10:11 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-02-10 11:10:07 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-02-10 11:10:06 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-02-10 11:10:06 ----A---- C:\Windows\system32\occache.dll
2016-02-10 11:10:06 ----A---- C:\Windows\system32\iedkcs32.dll
2016-02-10 11:10:04 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-02-10 11:10:04 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-02-10 11:10:03 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-02-10 11:10:03 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-02-10 11:10:02 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-02-10 11:10:02 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-02-10 11:10:02 ----A---- C:\Windows\system32\msfeeds.dll
2016-02-10 11:10:02 ----A---- C:\Windows\system32\dxtrans.dll
2016-02-10 11:10:00 ----A---- C:\Windows\system32\iesetup.dll
2016-02-10 11:10:00 ----A---- C:\Windows\system32\ieapfltr.dll
2016-02-10 11:09:57 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-02-10 11:09:57 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-02-10 11:09:56 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-02-10 11:09:56 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-02-10 11:09:56 ----A---- C:\Windows\system32\vbscript.dll
2016-02-10 11:09:55 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-02-10 11:09:55 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-02-10 11:09:55 ----A---- C:\Windows\system32\jsproxy.dll
2016-02-10 11:09:54 ----A---- C:\Windows\system32\dxtmsft.dll
2016-02-10 11:09:53 ----A---- C:\Windows\system32\mshtmled.dll
2016-02-10 11:09:52 ----A---- C:\Windows\system32\webcheck.dll
2016-02-10 11:09:52 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-02-10 11:09:52 ----A---- C:\Windows\system32\jscript9diag.dll
2016-02-10 11:09:52 ----A---- C:\Windows\system32\jscript9.dll
2016-02-10 11:09:52 ----A---- C:\Windows\system32\jscript.dll
2016-02-10 11:09:51 ----A---- C:\Windows\system32\wininet.dll
2016-02-10 11:09:50 ----A---- C:\Windows\system32\msrating.dll
2016-02-10 11:09:50 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-02-10 11:08:16 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2016-02-10 11:07:52 ----A---- C:\Windows\system32\wuaueng.dll
2016-02-10 11:07:52 ----A---- C:\Windows\system32\wuapi.dll
2016-02-10 11:07:51 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2016-02-10 11:07:51 ----A---- C:\Windows\SYSWOW64\wups.dll
2016-02-10 11:07:51 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2016-02-10 11:07:51 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2016-02-10 11:07:51 ----A---- C:\Windows\system32\wuwebv.dll
2016-02-10 11:07:51 ----A---- C:\Windows\system32\wups2.dll
2016-02-10 11:07:51 ----A---- C:\Windows\system32\wups.dll
2016-02-10 11:07:51 ----A---- C:\Windows\system32\wudriver.dll
2016-02-10 11:07:51 ----A---- C:\Windows\system32\wucltux.dll
2016-02-10 11:07:51 ----A---- C:\Windows\system32\wuauclt.exe
2016-02-10 11:07:51 ----A---- C:\Windows\system32\wuapp.exe
2016-02-10 11:07:51 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2016-02-10 11:07:51 ----A---- C:\Windows\system32\WinSetupUI.dll
2016-02-10 11:07:50 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2016-02-10 11:07:20 ----A---- C:\Windows\system32\rdpudd.dll
2016-02-10 11:07:20 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2016-02-10 11:07:20 ----A---- C:\Windows\system32\rdpcorets.dll
2016-02-10 11:07:15 ----A---- C:\Windows\system32\win32k.sys
2016-02-10 11:07:06 ----A---- C:\Windows\system32\ole32.dll
2016-02-10 11:07:01 ----A---- C:\Windows\SYSWOW64\ole32.dll
2016-02-10 11:06:24 ----A---- C:\Windows\system32\EncDec.dll
2016-02-10 11:06:23 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2016-02-10 11:06:23 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2016-02-10 11:06:23 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-02-10 11:06:23 ----A---- C:\Windows\system32\CPFilters.dll
2016-02-10 11:06:22 ----A---- C:\Windows\system32\ntdll.dll
2016-02-10 11:06:22 ----A---- C:\Windows\system32\KernelBase.dll
2016-02-10 11:06:21 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-02-10 11:06:21 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-02-10 11:06:21 ----A---- C:\Windows\system32\mtxoci.dll
2016-02-10 11:06:21 ----A---- C:\Windows\system32\kerberos.dll
2016-02-10 11:06:20 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-02-10 11:06:20 ----A---- C:\Windows\system32\kernel32.dll
2016-02-10 11:06:19 ----A---- C:\Windows\SYSWOW64\mtxoci.dll
2016-02-10 11:06:19 ----A---- C:\Windows\SYSWOW64\msorcl32.dll
2016-02-10 11:06:19 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-02-10 11:06:19 ----A---- C:\Windows\system32\advapi32.dll
2016-02-10 11:06:18 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-02-10 11:06:17 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-02-10 11:06:17 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-02-10 11:06:17 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-02-10 11:06:15 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-02-10 11:06:15 ----A---- C:\Windows\system32\smss.exe
2016-02-10 11:06:15 ----A---- C:\Windows\system32\schannel.dll
2016-02-10 11:06:15 ----A---- C:\Windows\system32\rpcrt4.dll
2016-02-10 11:06:15 ----A---- C:\Windows\system32\lsasrv.dll
2016-02-10 11:06:15 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-02-10 11:06:15 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-02-10 11:06:14 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-02-10 11:06:14 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-02-10 11:06:14 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-02-10 11:06:14 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-02-10 11:06:14 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-02-10 11:06:14 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\wow64win.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\wow64cpu.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\wow64.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\winsrv.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\wdigest.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\TSpkg.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\sspisrv.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\sspicli.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\srcore.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\srclient.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\ncrypt.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\msv1_0.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\lsass.exe
2016-02-10 11:06:14 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-02-10 11:06:14 ----A---- C:\Windows\system32\csrsrv.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\cryptbase.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\conhost.exe
2016-02-10 11:06:13 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-02-10 11:06:13 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-02-10 11:06:13 ----A---- C:\Windows\system32\secur32.dll
2016-02-10 11:06:13 ----A---- C:\Windows\system32\rstrui.exe
2016-02-10 11:06:13 ----A---- C:\Windows\system32\credssp.dll
2016-02-10 11:06:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-10 11:06:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-02-10 11:06:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-10 11:06:12 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-10 11:06:12 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-02-10 11:06:12 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-02-10 11:06:12 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-02-10 11:06:12 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-02-10 11:06:12 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-02-10 11:06:12 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-02-10 11:06:12 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-02-10 11:06:12 ----A---- C:\Windows\system32\ntvdm64.dll
2016-02-10 11:06:12 ----A---- C:\Windows\system32\auditpol.exe
2016-02-10 11:06:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-02-10 11:06:11 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-02-10 11:06:11 ----A---- C:\Windows\system32\apisetschema.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-02-10 11:06:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-02-10 11:06:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-02-10 11:06:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-02-10 11:06:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-10 11:06:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-02-10 11:06:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-02-10 11:06:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-02-10 11:06:09 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-10 11:06:09 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-02-10 11:06:09 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-02-10 11:06:09 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-02-10 11:06:09 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-02-10 11:06:09 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-02-10 11:06:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-02-10 11:06:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-02-10 11:06:07 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-02-10 11:06:07 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-02-10 11:06:07 ----A---- C:\Windows\SYSWOW64\user.exe
2016-02-10 11:06:06 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-02-10 11:06:06 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-02-10 11:06:06 ----A---- C:\Windows\system32\msaudite.dll
2016-02-10 11:06:06 ----A---- C:\Windows\system32\adtschema.dll
2016-02-10 11:06:05 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-02-10 11:06:04 ----A---- C:\Windows\system32\msobjs.dll
2016-02-10 11:05:33 ----A---- C:\Windows\system32\shell32.dll
2016-02-10 11:05:29 ----A---- C:\Windows\SYSWOW64\shell32.dll
2016-02-10 11:05:29 ----A---- C:\Windows\explorer.exe
2016-02-10 11:05:27 ----A---- C:\Windows\SYSWOW64\explorer.exe
2016-02-10 11:05:27 ----A---- C:\Windows\system32\ExplorerFrame.dll
2016-02-10 11:05:27 ----A---- C:\Windows\system32\authui.dll
2016-02-10 11:05:26 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2016-02-10 11:05:26 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-02-10 00:23:42 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2016-02-10 00:23:42 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2016-02-10 00:23:42 ----A---- C:\Windows\system32\XAudio2_7.dll
2016-02-10 00:23:42 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2016-02-10 00:23:39 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2016-02-10 00:23:37 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2016-02-10 00:23:37 ----A---- C:\Windows\system32\D3DX9_43.dll
2016-02-10 00:23:36 ----A---- C:\Windows\SYSWOW64\X3DAudio1_7.dll
2016-02-10 00:23:36 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2016-02-10 00:18:28 ----D---- C:\Program Files (x86)\Farming Simulator 2015
======List of files/folders modified in the last 1 month======
2016-03-05 14:18:30 ----D---- C:\Windows\Temp
2016-03-05 14:13:55 ----D---- C:\Windows\system32\config
2016-03-05 14:13:37 ----D---- C:\Windows\System32
2016-03-05 14:13:37 ----D---- C:\Windows\inf
2016-03-05 14:13:37 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-03-05 14:13:36 ----D---- C:\Windows
2016-03-05 14:12:20 ----D---- C:\Windows\Tasks
2016-03-05 14:12:20 ----D---- C:\Program Files (x86)\Google
2016-03-05 14:08:11 ----D---- C:\Windows\Prefetch
2016-03-04 19:41:56 ----HD---- C:\ProgramData
2016-03-04 18:39:48 ----RD---- C:\Program Files
2016-03-04 14:07:06 ----D---- C:\Windows\system32\drivers
2016-03-04 14:07:04 ----SHD---- C:\Config.Msi
2016-03-04 10:36:37 ----D---- C:\Windows\system32\Tasks
2016-03-04 10:36:33 ----RD---- C:\Program Files (x86)
2016-03-04 10:36:28 ----D---- C:\Program Files\Google
2016-03-04 10:36:25 ----SHD---- C:\Windows\Installer
2016-03-04 10:23:16 ----D---- C:\Program Files\Common Files
2016-03-04 10:23:16 ----D---- C:\Program Files (x86)\Common Files
2016-03-04 10:22:44 ----D---- C:\Windows\winsxs
2016-03-04 10:20:45 ----D---- C:\ProgramData\AVAST Software
2016-03-04 09:50:40 ----D---- C:\Users\xxx\AppData\Roaming\DAEMON Tools Lite
2016-03-04 09:44:25 ----D---- C:\Users\xxx\AppData\Roaming\Skype
2016-03-03 11:11:26 ----D---- C:\Users\xxx\AppData\Roaming\vlc
2016-03-03 10:27:21 ----SHD---- C:\System Volume Information
2016-03-02 10:16:55 ----D---- C:\Users\xxx\AppData\Roaming\dvdcss
2016-03-01 00:29:11 ----D---- C:\ProgramData\CanonIJPLM
2016-02-29 16:23:22 ----D---- C:\Windows\twain_32
2016-02-29 16:23:22 ----D---- C:\Windows\SysWOW64
2016-02-29 16:19:04 ----D---- C:\Windows\system32\DriverStore
2016-02-28 12:41:58 ----SD---- C:\Windows\SYSWOW64\GWX
2016-02-28 12:41:58 ----SD---- C:\Windows\system32\GWX
2016-02-28 09:19:13 ----D---- C:\ProgramData\DVD Shrink
2016-02-26 10:14:57 ----D---- C:\ProgramData\Skype
2016-02-26 00:31:18 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2016-02-25 13:05:04 ----D---- C:\Windows\Microsoft.NET
2016-02-25 00:58:56 ----D---- C:\Windows\system32\catroot
2016-02-25 00:34:15 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-02-21 05:11:25 ----D---- C:\Windows\system32\catroot2
2016-02-20 08:56:48 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-02-19 14:35:45 ----RSD---- C:\Windows\assembly
2016-02-19 13:05:05 ----D---- C:\Program Files (x86)\SpeedFan
2016-02-14 13:45:41 ----D---- C:\Windows\rescache
2016-02-12 16:27:55 ----D---- C:\Windows\Logs
2016-02-12 16:27:55 ----D---- C:\Windows\debug
2016-02-11 00:26:39 ----D---- C:\Program Files\Windows Journal
2016-02-11 00:26:38 ----SD---- C:\Windows\system32\CompatTel
2016-02-11 00:26:38 ----D---- C:\Windows\SYSWOW64\en-US
2016-02-11 00:26:38 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-02-11 00:26:38 ----D---- C:\Windows\system32\en-US
2016-02-11 00:26:38 ----D---- C:\Windows\system32\cs-CZ
2016-02-11 00:26:38 ----D---- C:\Windows\system32\appraiser
2016-02-11 00:26:38 ----D---- C:\Windows\AppPatch
2016-02-11 00:26:38 ----D---- C:\Program Files\Internet Explorer
2016-02-11 00:26:38 ----D---- C:\Program Files (x86)\Internet Explorer
2016-02-11 00:26:22 ----D---- C:\Windows\cs-CZ
2016-02-10 19:27:49 ----D---- C:\Windows\system32\MRT
2016-02-10 19:27:49 ----A---- C:\Windows\system32\MRT.exe
2016-02-09 16:48:30 ----D---- C:\Windows\SoftwareDistribution
2016-02-09 14:19:54 ----D---- C:\Windows\Downloaded Program Files
2016-02-09 07:38:15 ----D---- C:\ProgramData\Firefly Studios
2016-02-07 15:52:53 ----D---- C:\ProgramData\AlawarWrapper
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-03-04 74544]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-03-04 287016]
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-08-23 16440]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2013-01-12 834544]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-03-04 103064]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-03-04 1065720]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-03-04 463744]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-03-04 37656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-03-04 107792]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2016-01-20 42696]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2010-04-16 6403584]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-04-16 188928]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-05-05 125456]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2011-07-01 4745280]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2015-12-20 30264]
R3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2015-12-20 46392]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-10-14 396848]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-12-22 38456]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 WinUSB;WinUSB Service; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-03-04 165344]
S2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2016-01-20 310984]
S3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 athur;Atheros AR9271 Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athurx.sys [2010-01-05 1847296]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-02-23 95760]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-04-16 6403584]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 cpuz134;cpuz134; \??\C:\Program Files (x86)\CPUID\PC Wizard 2010\pcwiz_x64.sys [2010-07-09 21480]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2010-09-17 79680]
S3 dgderdrv;dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [2010-10-25 20552]
S3 netr28ux;RT2870 USB Wireless LAN Card Driver pro systém Windows Vista; C:\Windows\system32\DRIVERS\netr28ux.sys [2009-06-10 867328]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 TFsExDisk;TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2014-08-15 54784]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-13 82128]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-04-16 202752]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-03-04 237096]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2015-09-28 25800]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2010-04-05 116104]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-05-15 76888]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\Windows\system32\vcsFPService.exe [2010-02-23 2192176]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-22 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-11-30 1368408]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-22 144200]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2016-03-04 194032]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2015-04-28 1102472]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-01-22 114688]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-01-11 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
-----------------EOF-----------------
RSIT log:
Logfile of random's system information tool 1.10 (written by random/random)
Run by xxx at 2016-03-05 14:18:28
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 148 GB (31%) free of 477 GB
Total RAM: 3835 MB (69% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:18:31, on 5.3.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18205)
Boot mode: Normal
Running processes:
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\trend micro\xxx.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{89709285-5AA6-4845-8F4F-A63EEA90DA7E}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 7561 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\Hpservice.exe
atieclxx
C:\Windows\system32\vcsFPService.exe
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
taskeng.exe {655C74E4-620C-49A2-AC83-3CDB46103A91}
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k bthsvcs
"taskhost.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-ac7c0ac6-fa60-4178-b1f8-59c1e76d4955 -SystemEventPortName:HostProcess-1a5e54d5-fbe8-417d-a650-6f48e5121394 -IoCancelEventPortName:HostProcess-1b239f48-82e2-45da-b1a8-9b876ae3234f -NonStateChangingEventPortName:HostProcess-ea9106cc-e6d3-4a78-baf8-6dc533ce5905 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:539fd193-3c95-4591-98cb-b04f78f2f41c -DeviceGroupId:WpdFsGroup
"C:\Windows\system32\GWX\GWX.exe"
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
taskeng.exe {5BE555E1-C32C-4C53-A360-2AFDDB372B32}
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Windows\system32\SearchFilterHost.exe" 0 524 528 536 65536 532
"C:\Users\xxx\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\Windows\tasks\HPCeeScheduleForxxx.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForxxx (null)
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-03-04 901600]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-03-04 678656]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-10-14 2837288]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2010-03-25 2726728]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenuEx]
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [2010-04-02 1185112]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite Automount]
C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2015-11-30 4179288]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-02-10 50599552]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-04-16 98304]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-03-04 7139768]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-03-05 14:12:19 ----D---- C:\_OTM
2016-03-04 19:40:11 ----D---- C:\AdwCleaner
2016-03-04 18:39:48 ----D---- C:\rsit
2016-03-04 18:39:48 ----D---- C:\Program Files\trend micro
2016-03-04 10:36:15 ----D---- C:\ProgramData\Google
2016-03-04 10:35:32 ----A---- C:\Windows\system32\aswBoot.exe
2016-03-04 10:23:54 ----D---- C:\Users\xxx\AppData\Roaming\AVAST Software
2016-03-04 10:23:16 ----D---- C:\Program Files\Common Files\AV
2016-03-04 10:23:04 ----A---- C:\Windows\system32\drivers\aswStm.sys
2016-03-04 10:23:03 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2016-03-04 10:23:03 ----A---- C:\Windows\system32\drivers\aswSP.sys
2016-03-04 10:23:03 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2016-03-04 10:23:03 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2016-03-04 10:23:02 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2016-03-04 10:23:02 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2016-03-04 10:23:01 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2016-03-04 10:22:19 ----A---- C:\Windows\avastSS.scr
2016-03-04 10:21:03 ----D---- C:\Program Files\AVAST Software
2016-02-29 16:34:01 ----D---- C:\ProgramData\CanonIJ
2016-02-29 16:32:51 ----HD---- C:\ProgramData\CanonIJScan
2016-02-29 16:31:35 ----D---- C:\Users\xxx\AppData\Roaming\Canon
2016-02-29 16:31:10 ----HD---- C:\ProgramData\CanonIJMyPrinter
2016-02-29 16:26:38 ----D---- C:\Program Files\Canon
2016-02-29 16:25:01 ----D---- C:\Program Files (x86)\Canon
2016-02-29 16:19:05 ----HD---- C:\Windows\system32\CanonIJ Uninstaller Information
2016-02-29 16:19:00 ----A---- C:\Windows\SYSWOW64\CNC280U.dll
2016-02-29 16:19:00 ----A---- C:\Windows\SYSWOW64\CNC280L.dll
2016-02-29 16:18:59 ----A---- C:\Windows\system32\CNC280L.dll
2016-02-29 16:18:59 ----A---- C:\Windows\system32\CNC280I.dll
2016-02-29 16:18:59 ----A---- C:\Windows\system32\CNC280C.dll
2016-02-29 16:18:07 ----A---- C:\Windows\system32\CNC280O.dll
2016-02-29 16:18:02 ----HD---- C:\Program Files\CanonBJ
2016-02-28 12:39:51 ----D---- C:\Program Files\Microsoft Silverlight
2016-02-28 12:39:51 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2016-02-28 09:14:47 ----D---- C:\Program Files (x86)\DVD Shrink
2016-02-26 10:14:52 ----RD---- C:\Program Files (x86)\Skype
2016-02-20 09:30:16 ----D---- C:\Program Files (x86)\Euro Truck Simulator 2
2016-02-19 14:55:07 ----A---- C:\Windows\system32\drivers\ntfs.sys
2016-02-19 14:55:06 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2016-02-19 14:55:06 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\system32\ucrtbase.dll
2016-02-19 14:55:06 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-02-19 14:55:06 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-02-19 14:55:05 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-02-19 14:55:04 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-02-19 14:55:04 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-02-19 14:55:04 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-02-19 14:55:04 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-02-10 13:16:25 ----D---- C:\Program Files\Farming Simulator 15
2016-02-10 11:11:50 ----A---- C:\Windows\system32\InkEd.dll
2016-02-10 11:11:49 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2016-02-10 11:11:49 ----A---- C:\Windows\system32\jnwmon.dll
2016-02-10 11:11:19 ----A---- C:\Windows\system32\invagent.dll
2016-02-10 11:11:19 ----A---- C:\Windows\system32\generaltel.dll
2016-02-10 11:11:19 ----A---- C:\Windows\system32\devinv.dll
2016-02-10 11:11:19 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-02-10 11:11:19 ----A---- C:\Windows\system32\appraiser.dll
2016-02-10 11:11:19 ----A---- C:\Windows\system32\aeinv.dll
2016-02-10 11:11:19 ----A---- C:\Windows\system32\acmigration.dll
2016-02-10 11:10:55 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-02-10 11:10:55 ----A---- C:\Windows\system32\iertutil.dll
2016-02-10 11:10:54 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-02-10 11:10:53 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-02-10 11:10:53 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-02-10 11:10:53 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-02-10 11:10:52 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-02-10 11:10:52 ----A---- C:\Windows\system32\urlmon.dll
2016-02-10 11:10:52 ----A---- C:\Windows\system32\ieui.dll
2016-02-10 11:10:52 ----A---- C:\Windows\system32\ieframe.dll
2016-02-10 11:10:51 ----A---- C:\Windows\system32\mshtml.dll
2016-02-10 11:10:51 ----A---- C:\Windows\system32\ieUnatt.exe
2016-02-10 11:10:15 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-02-10 11:10:14 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-02-10 11:10:14 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-02-10 11:10:14 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-02-10 11:10:14 ----A---- C:\Windows\system32\iernonce.dll
2016-02-10 11:10:14 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-02-10 11:10:14 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-02-10 11:10:13 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-02-10 11:10:12 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-02-10 11:10:12 ----A---- C:\Windows\system32\inseng.dll
2016-02-10 11:10:12 ----A---- C:\Windows\system32\ie4uinit.exe
2016-02-10 11:10:11 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-02-10 11:10:11 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-02-10 11:10:11 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-02-10 11:10:11 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-02-10 11:10:11 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-02-10 11:10:07 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-02-10 11:10:06 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-02-10 11:10:06 ----A---- C:\Windows\system32\occache.dll
2016-02-10 11:10:06 ----A---- C:\Windows\system32\iedkcs32.dll
2016-02-10 11:10:04 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-02-10 11:10:04 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-02-10 11:10:03 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-02-10 11:10:03 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-02-10 11:10:02 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-02-10 11:10:02 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-02-10 11:10:02 ----A---- C:\Windows\system32\msfeeds.dll
2016-02-10 11:10:02 ----A---- C:\Windows\system32\dxtrans.dll
2016-02-10 11:10:00 ----A---- C:\Windows\system32\iesetup.dll
2016-02-10 11:10:00 ----A---- C:\Windows\system32\ieapfltr.dll
2016-02-10 11:09:57 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-02-10 11:09:57 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-02-10 11:09:56 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-02-10 11:09:56 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-02-10 11:09:56 ----A---- C:\Windows\system32\vbscript.dll
2016-02-10 11:09:55 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-02-10 11:09:55 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-02-10 11:09:55 ----A---- C:\Windows\system32\jsproxy.dll
2016-02-10 11:09:54 ----A---- C:\Windows\system32\dxtmsft.dll
2016-02-10 11:09:53 ----A---- C:\Windows\system32\mshtmled.dll
2016-02-10 11:09:52 ----A---- C:\Windows\system32\webcheck.dll
2016-02-10 11:09:52 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-02-10 11:09:52 ----A---- C:\Windows\system32\jscript9diag.dll
2016-02-10 11:09:52 ----A---- C:\Windows\system32\jscript9.dll
2016-02-10 11:09:52 ----A---- C:\Windows\system32\jscript.dll
2016-02-10 11:09:51 ----A---- C:\Windows\system32\wininet.dll
2016-02-10 11:09:50 ----A---- C:\Windows\system32\msrating.dll
2016-02-10 11:09:50 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-02-10 11:08:16 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2016-02-10 11:07:52 ----A---- C:\Windows\system32\wuaueng.dll
2016-02-10 11:07:52 ----A---- C:\Windows\system32\wuapi.dll
2016-02-10 11:07:51 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2016-02-10 11:07:51 ----A---- C:\Windows\SYSWOW64\wups.dll
2016-02-10 11:07:51 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2016-02-10 11:07:51 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2016-02-10 11:07:51 ----A---- C:\Windows\system32\wuwebv.dll
2016-02-10 11:07:51 ----A---- C:\Windows\system32\wups2.dll
2016-02-10 11:07:51 ----A---- C:\Windows\system32\wups.dll
2016-02-10 11:07:51 ----A---- C:\Windows\system32\wudriver.dll
2016-02-10 11:07:51 ----A---- C:\Windows\system32\wucltux.dll
2016-02-10 11:07:51 ----A---- C:\Windows\system32\wuauclt.exe
2016-02-10 11:07:51 ----A---- C:\Windows\system32\wuapp.exe
2016-02-10 11:07:51 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2016-02-10 11:07:51 ----A---- C:\Windows\system32\WinSetupUI.dll
2016-02-10 11:07:50 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2016-02-10 11:07:20 ----A---- C:\Windows\system32\rdpudd.dll
2016-02-10 11:07:20 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2016-02-10 11:07:20 ----A---- C:\Windows\system32\rdpcorets.dll
2016-02-10 11:07:15 ----A---- C:\Windows\system32\win32k.sys
2016-02-10 11:07:06 ----A---- C:\Windows\system32\ole32.dll
2016-02-10 11:07:01 ----A---- C:\Windows\SYSWOW64\ole32.dll
2016-02-10 11:06:24 ----A---- C:\Windows\system32\EncDec.dll
2016-02-10 11:06:23 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2016-02-10 11:06:23 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2016-02-10 11:06:23 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-02-10 11:06:23 ----A---- C:\Windows\system32\CPFilters.dll
2016-02-10 11:06:22 ----A---- C:\Windows\system32\ntdll.dll
2016-02-10 11:06:22 ----A---- C:\Windows\system32\KernelBase.dll
2016-02-10 11:06:21 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-02-10 11:06:21 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-02-10 11:06:21 ----A---- C:\Windows\system32\mtxoci.dll
2016-02-10 11:06:21 ----A---- C:\Windows\system32\kerberos.dll
2016-02-10 11:06:20 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-02-10 11:06:20 ----A---- C:\Windows\system32\kernel32.dll
2016-02-10 11:06:19 ----A---- C:\Windows\SYSWOW64\mtxoci.dll
2016-02-10 11:06:19 ----A---- C:\Windows\SYSWOW64\msorcl32.dll
2016-02-10 11:06:19 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-02-10 11:06:19 ----A---- C:\Windows\system32\advapi32.dll
2016-02-10 11:06:18 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-02-10 11:06:17 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-02-10 11:06:17 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-02-10 11:06:17 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-02-10 11:06:15 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-02-10 11:06:15 ----A---- C:\Windows\system32\smss.exe
2016-02-10 11:06:15 ----A---- C:\Windows\system32\schannel.dll
2016-02-10 11:06:15 ----A---- C:\Windows\system32\rpcrt4.dll
2016-02-10 11:06:15 ----A---- C:\Windows\system32\lsasrv.dll
2016-02-10 11:06:15 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-02-10 11:06:15 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-02-10 11:06:14 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-02-10 11:06:14 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-02-10 11:06:14 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-02-10 11:06:14 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-02-10 11:06:14 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-02-10 11:06:14 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\wow64win.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\wow64cpu.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\wow64.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\winsrv.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\wdigest.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\TSpkg.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\sspisrv.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\sspicli.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\srcore.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\srclient.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\ncrypt.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\msv1_0.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\lsass.exe
2016-02-10 11:06:14 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-02-10 11:06:14 ----A---- C:\Windows\system32\csrsrv.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\cryptbase.dll
2016-02-10 11:06:14 ----A---- C:\Windows\system32\conhost.exe
2016-02-10 11:06:13 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-02-10 11:06:13 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-02-10 11:06:13 ----A---- C:\Windows\system32\secur32.dll
2016-02-10 11:06:13 ----A---- C:\Windows\system32\rstrui.exe
2016-02-10 11:06:13 ----A---- C:\Windows\system32\credssp.dll
2016-02-10 11:06:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-10 11:06:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-02-10 11:06:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-10 11:06:12 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-10 11:06:12 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-02-10 11:06:12 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-02-10 11:06:12 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-02-10 11:06:12 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-02-10 11:06:12 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-02-10 11:06:12 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-02-10 11:06:12 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-02-10 11:06:12 ----A---- C:\Windows\system32\ntvdm64.dll
2016-02-10 11:06:12 ----A---- C:\Windows\system32\auditpol.exe
2016-02-10 11:06:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-02-10 11:06:11 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-02-10 11:06:11 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-02-10 11:06:11 ----A---- C:\Windows\system32\apisetschema.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-10 11:06:10 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-02-10 11:06:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-02-10 11:06:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-02-10 11:06:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-02-10 11:06:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-10 11:06:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-02-10 11:06:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-02-10 11:06:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-02-10 11:06:09 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-10 11:06:09 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-02-10 11:06:09 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-02-10 11:06:09 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-02-10 11:06:09 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-02-10 11:06:09 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-02-10 11:06:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-02-10 11:06:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-02-10 11:06:07 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-02-10 11:06:07 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-02-10 11:06:07 ----A---- C:\Windows\SYSWOW64\user.exe
2016-02-10 11:06:06 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-02-10 11:06:06 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-02-10 11:06:06 ----A---- C:\Windows\system32\msaudite.dll
2016-02-10 11:06:06 ----A---- C:\Windows\system32\adtschema.dll
2016-02-10 11:06:05 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-02-10 11:06:04 ----A---- C:\Windows\system32\msobjs.dll
2016-02-10 11:05:33 ----A---- C:\Windows\system32\shell32.dll
2016-02-10 11:05:29 ----A---- C:\Windows\SYSWOW64\shell32.dll
2016-02-10 11:05:29 ----A---- C:\Windows\explorer.exe
2016-02-10 11:05:27 ----A---- C:\Windows\SYSWOW64\explorer.exe
2016-02-10 11:05:27 ----A---- C:\Windows\system32\ExplorerFrame.dll
2016-02-10 11:05:27 ----A---- C:\Windows\system32\authui.dll
2016-02-10 11:05:26 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2016-02-10 11:05:26 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-02-10 00:23:42 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2016-02-10 00:23:42 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2016-02-10 00:23:42 ----A---- C:\Windows\system32\XAudio2_7.dll
2016-02-10 00:23:42 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2016-02-10 00:23:39 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2016-02-10 00:23:37 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2016-02-10 00:23:37 ----A---- C:\Windows\system32\D3DX9_43.dll
2016-02-10 00:23:36 ----A---- C:\Windows\SYSWOW64\X3DAudio1_7.dll
2016-02-10 00:23:36 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2016-02-10 00:18:28 ----D---- C:\Program Files (x86)\Farming Simulator 2015
======List of files/folders modified in the last 1 month======
2016-03-05 14:18:30 ----D---- C:\Windows\Temp
2016-03-05 14:13:55 ----D---- C:\Windows\system32\config
2016-03-05 14:13:37 ----D---- C:\Windows\System32
2016-03-05 14:13:37 ----D---- C:\Windows\inf
2016-03-05 14:13:37 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-03-05 14:13:36 ----D---- C:\Windows
2016-03-05 14:12:20 ----D---- C:\Windows\Tasks
2016-03-05 14:12:20 ----D---- C:\Program Files (x86)\Google
2016-03-05 14:08:11 ----D---- C:\Windows\Prefetch
2016-03-04 19:41:56 ----HD---- C:\ProgramData
2016-03-04 18:39:48 ----RD---- C:\Program Files
2016-03-04 14:07:06 ----D---- C:\Windows\system32\drivers
2016-03-04 14:07:04 ----SHD---- C:\Config.Msi
2016-03-04 10:36:37 ----D---- C:\Windows\system32\Tasks
2016-03-04 10:36:33 ----RD---- C:\Program Files (x86)
2016-03-04 10:36:28 ----D---- C:\Program Files\Google
2016-03-04 10:36:25 ----SHD---- C:\Windows\Installer
2016-03-04 10:23:16 ----D---- C:\Program Files\Common Files
2016-03-04 10:23:16 ----D---- C:\Program Files (x86)\Common Files
2016-03-04 10:22:44 ----D---- C:\Windows\winsxs
2016-03-04 10:20:45 ----D---- C:\ProgramData\AVAST Software
2016-03-04 09:50:40 ----D---- C:\Users\xxx\AppData\Roaming\DAEMON Tools Lite
2016-03-04 09:44:25 ----D---- C:\Users\xxx\AppData\Roaming\Skype
2016-03-03 11:11:26 ----D---- C:\Users\xxx\AppData\Roaming\vlc
2016-03-03 10:27:21 ----SHD---- C:\System Volume Information
2016-03-02 10:16:55 ----D---- C:\Users\xxx\AppData\Roaming\dvdcss
2016-03-01 00:29:11 ----D---- C:\ProgramData\CanonIJPLM
2016-02-29 16:23:22 ----D---- C:\Windows\twain_32
2016-02-29 16:23:22 ----D---- C:\Windows\SysWOW64
2016-02-29 16:19:04 ----D---- C:\Windows\system32\DriverStore
2016-02-28 12:41:58 ----SD---- C:\Windows\SYSWOW64\GWX
2016-02-28 12:41:58 ----SD---- C:\Windows\system32\GWX
2016-02-28 09:19:13 ----D---- C:\ProgramData\DVD Shrink
2016-02-26 10:14:57 ----D---- C:\ProgramData\Skype
2016-02-26 00:31:18 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2016-02-25 13:05:04 ----D---- C:\Windows\Microsoft.NET
2016-02-25 00:58:56 ----D---- C:\Windows\system32\catroot
2016-02-25 00:34:15 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-02-21 05:11:25 ----D---- C:\Windows\system32\catroot2
2016-02-20 08:56:48 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-02-19 14:35:45 ----RSD---- C:\Windows\assembly
2016-02-19 13:05:05 ----D---- C:\Program Files (x86)\SpeedFan
2016-02-14 13:45:41 ----D---- C:\Windows\rescache
2016-02-12 16:27:55 ----D---- C:\Windows\Logs
2016-02-12 16:27:55 ----D---- C:\Windows\debug
2016-02-11 00:26:39 ----D---- C:\Program Files\Windows Journal
2016-02-11 00:26:38 ----SD---- C:\Windows\system32\CompatTel
2016-02-11 00:26:38 ----D---- C:\Windows\SYSWOW64\en-US
2016-02-11 00:26:38 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-02-11 00:26:38 ----D---- C:\Windows\system32\en-US
2016-02-11 00:26:38 ----D---- C:\Windows\system32\cs-CZ
2016-02-11 00:26:38 ----D---- C:\Windows\system32\appraiser
2016-02-11 00:26:38 ----D---- C:\Windows\AppPatch
2016-02-11 00:26:38 ----D---- C:\Program Files\Internet Explorer
2016-02-11 00:26:38 ----D---- C:\Program Files (x86)\Internet Explorer
2016-02-11 00:26:22 ----D---- C:\Windows\cs-CZ
2016-02-10 19:27:49 ----D---- C:\Windows\system32\MRT
2016-02-10 19:27:49 ----A---- C:\Windows\system32\MRT.exe
2016-02-09 16:48:30 ----D---- C:\Windows\SoftwareDistribution
2016-02-09 14:19:54 ----D---- C:\Windows\Downloaded Program Files
2016-02-09 07:38:15 ----D---- C:\ProgramData\Firefly Studios
2016-02-07 15:52:53 ----D---- C:\ProgramData\AlawarWrapper
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-03-04 74544]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-03-04 287016]
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-08-23 16440]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2013-01-12 834544]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-03-04 103064]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-03-04 1065720]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-03-04 463744]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-03-04 37656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-03-04 107792]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2016-01-20 42696]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2010-04-16 6403584]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-04-16 188928]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-05-05 125456]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2011-07-01 4745280]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2015-12-20 30264]
R3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2015-12-20 46392]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-10-14 396848]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-12-22 38456]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 WinUSB;WinUSB Service; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-03-04 165344]
S2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2016-01-20 310984]
S3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 athur;Atheros AR9271 Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athurx.sys [2010-01-05 1847296]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-02-23 95760]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-04-16 6403584]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 cpuz134;cpuz134; \??\C:\Program Files (x86)\CPUID\PC Wizard 2010\pcwiz_x64.sys [2010-07-09 21480]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2010-09-17 79680]
S3 dgderdrv;dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [2010-10-25 20552]
S3 netr28ux;RT2870 USB Wireless LAN Card Driver pro systém Windows Vista; C:\Windows\system32\DRIVERS\netr28ux.sys [2009-06-10 867328]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 TFsExDisk;TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2014-08-15 54784]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-13 82128]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-04-16 202752]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-03-04 237096]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2015-09-28 25800]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2010-04-05 116104]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-05-15 76888]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\Windows\system32\vcsFPService.exe [2010-02-23 2192176]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-22 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-11-30 1368408]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-22 144200]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2016-03-04 194032]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2015-04-28 1102472]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-01-22 114688]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-01-11 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119418
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Slow computer
Deleted. Run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
-
- Visitor
- Posts: 71
- Registered: 01 Sep 2011 16:14
Re: Slow computer
OTM is gone. The PC restarted and booted up fairly quickly and without any obvious problems. Thanks.
I will also remove ADWCLEANER and RSIT.
Then I will use CCLEANER for any fine-tuning of the registry.
Thanks once again.
- Rudy
- Site Admin
- Posts: 119418
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Slow computer
OK. You're welcome!
