Logfile of random's system information tool 1.10 (written by random/random)
Run at 2016-11-30 18:50:15
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 5 GB (1%) free of 954 GB
Total RAM: 8173 MB (73% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:50:19, on 30.11.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18525)
Boot mode: Normal
Running processes:
C:\Windows\SysWOW64\HsMgr.exe
C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Syncios\SynciosDeviceService.exe
C:\Program Files\ASUS Xonar DX Audio\Customapp\ASUSAUDIOCENTER.EXE
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Libor.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Syncios device service] C:\Program Files (x86)\Syncios\SynciosDeviceService.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Dell Display Manager.lnk = C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 6500 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Windows\SysWOW64\HsMgr.exe" Envoke
"C:\Windows\system\HsMgr64.exe" Envoke
"C:\Program Files\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\Syncios\SynciosDeviceService.exe"
"C:\Program Files\ASUS Xonar DX Audio\Customapp\ASUSAUDIOCENTER.EXE"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Users\Libor\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\Libor\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
=========Mozilla firefox=========
ProfilePath - C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\cvmldhk0.default
"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.207 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn.me/esnsonar,version=0.70.4]
"Description"=ESN Sonar browser plugin
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=2.3.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.111.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.111.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.207 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll
C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\cvmldhk0.default\extensions\
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-10-22 473152]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-22 186944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Cmaudio8788"=C:\Windows\syswow64\RunDll32.exe [2009-07-14 44544]
"Cmaudio8788GX"=C:\Windows\syswow64\HsMgr.exe [2008-07-11 200704]
"Cmaudio8788GX64"=C:\Windows\system\HsMgr64.exe [2008-07-11 282112]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2015-09-15 170256]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2015-09-15 60688]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files (x86)\iTunes\iTunesHelper.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2011-03-07 89456]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2010-05-20 36864]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-11-15 9080768]
"Syncios device service"=C:\Program Files (x86)\Syncios\SynciosDeviceService.exe [2015-08-04 861184]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-09-22 587288]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Dell Display Manager.lnk - C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"VIDC.RTV1"=rtvcvfw64.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-11-30 18:45:47 ----D---- C:\rsit
2016-11-30 18:34:12 ----D---- C:\AdwCleaner
2016-11-23 20:30:45 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2016-11-16 01:47:29 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-11-14 22:11:05 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-11-14 22:11:05 ----A---- C:\Windows\system32\mshtml.dll
2016-11-14 22:11:04 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-11-14 22:11:04 ----A---- C:\Windows\system32\ieframe.dll
2016-11-14 22:11:03 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-11-14 22:11:03 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-11-14 22:11:03 ----A---- C:\Windows\system32\wininet.dll
2016-11-14 22:11:03 ----A---- C:\Windows\system32\win32k.sys
2016-11-14 22:11:03 ----A---- C:\Windows\system32\UtcResources.dll
2016-11-14 22:11:03 ----A---- C:\Windows\system32\jscript9.dll
2016-11-14 22:11:03 ----A---- C:\Windows\system32\diagtrack.dll
2016-11-14 22:11:02 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-11-14 22:11:02 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2016-11-14 22:11:02 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-11-14 22:11:02 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-11-14 22:11:02 ----A---- C:\Windows\system32\urlmon.dll
2016-11-14 22:11:02 ----A---- C:\Windows\system32\UIAnimation.dll
2016-11-14 22:11:02 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-11-14 22:11:02 ----A---- C:\Windows\system32\ntdll.dll
2016-11-14 22:11:02 ----A---- C:\Windows\system32\MSVidCtl.dll
2016-11-14 22:11:02 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-11-14 22:11:02 ----A---- C:\Windows\system32\lsasrv.dll
2016-11-14 22:11:02 ----A---- C:\Windows\system32\iertutil.dll
2016-11-14 22:11:01 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-11-14 22:11:01 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-11-14 22:11:01 ----A---- C:\Windows\SYSWOW64\MSVidCtl.dll
2016-11-14 22:11:01 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-11-14 22:11:01 ----A---- C:\Windows\system32\win32spl.dll
2016-11-14 22:11:01 ----A---- C:\Windows\system32\msv1_0.dll
2016-11-14 22:11:01 ----A---- C:\Windows\system32\clfs.sys
2016-11-14 22:11:01 ----A---- C:\Windows\system32\atmfd.dll
2016-11-14 22:11:00 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2016-11-14 22:11:00 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-11-14 22:10:59 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2016-11-14 22:10:59 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2016-11-14 22:10:59 ----A---- C:\Windows\system32\msfeeds.dll
2016-11-14 22:10:59 ----A---- C:\Windows\system32\inetcomm.dll
2016-11-14 22:10:59 ----A---- C:\Windows\system32\IMJP10K.DLL
2016-11-14 22:10:59 ----A---- C:\Windows\system32\ie4uinit.exe
2016-11-14 22:10:58 ----A---- C:\Windows\system32\msctf.dll
2016-11-14 22:10:57 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-11-14 22:10:57 ----A---- C:\Windows\system32\oleaut32.dll
2016-11-14 22:10:57 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-11-14 22:10:57 ----A---- C:\Windows\system32\iedkcs32.dll
2016-11-14 22:10:57 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-11-14 22:10:57 ----A---- C:\Windows\system32\drivers\bowser.sys
2016-11-14 22:10:56 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-11-14 22:10:56 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-11-14 22:10:56 ----A---- C:\Windows\SYSWOW64\msctf.dll
2016-11-14 22:10:56 ----A---- C:\Windows\SYSWOW64\input.dll
2016-11-14 22:10:56 ----A---- C:\Windows\SYSWOW64\IMJP10K.DLL
2016-11-14 22:10:56 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-11-14 22:10:56 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2016-11-14 22:10:56 ----A---- C:\Windows\system32\input.dll
2016-11-14 22:10:56 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-11-14 22:10:56 ----A---- C:\Windows\system32\asycfilt.dll
2016-11-14 22:10:55 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2016-11-14 22:10:55 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-11-14 22:10:55 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-11-14 22:10:55 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-11-14 22:10:55 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-11-14 22:10:55 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-11-14 22:10:55 ----A---- C:\Windows\system32\webcheck.dll
2016-11-14 22:10:55 ----A---- C:\Windows\system32\msrating.dll
2016-11-14 22:10:55 ----A---- C:\Windows\system32\dxtrans.dll
2016-11-14 22:10:55 ----A---- C:\Windows\system32\dxtmsft.dll
2016-11-14 22:10:55 ----A---- C:\Windows\system32\certcli.dll
2016-11-14 22:10:54 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-11-14 22:10:54 ----A---- C:\Windows\system32\mshtmled.dll
2016-11-14 22:10:54 ----A---- C:\Windows\system32\ieui.dll
2016-11-14 22:10:54 ----A---- C:\Windows\system32\iesetup.dll
2016-11-14 22:10:53 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-11-14 22:10:53 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-11-14 22:10:53 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-11-14 22:10:53 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-11-14 22:10:53 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-11-14 22:10:53 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-11-14 22:10:53 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-11-14 22:10:53 ----A---- C:\Windows\SYSWOW64\INETRES.dll
2016-11-14 22:10:53 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-11-14 22:10:53 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-11-14 22:10:53 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-11-14 22:10:53 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-11-14 22:10:53 ----A---- C:\Windows\system32\vbscript.dll
2016-11-14 22:10:53 ----A---- C:\Windows\system32\occache.dll
2016-11-14 22:10:53 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-11-14 22:10:53 ----A---- C:\Windows\system32\jsproxy.dll
2016-11-14 22:10:53 ----A---- C:\Windows\system32\jscript9diag.dll
2016-11-14 22:10:53 ----A---- C:\Windows\system32\jscript.dll
2016-11-14 22:10:53 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-11-14 22:10:53 ----A---- C:\Windows\system32\inseng.dll
2016-11-14 22:10:53 ----A---- C:\Windows\system32\INETRES.dll
2016-11-14 22:10:53 ----A---- C:\Windows\system32\ieUnatt.exe
2016-11-14 22:10:53 ----A---- C:\Windows\system32\iernonce.dll
2016-11-14 22:10:53 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-11-14 22:10:53 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-11-14 22:10:52 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-11-14 22:10:52 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-11-14 22:10:52 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-11-14 22:10:52 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-11-14 22:10:52 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-11-14 22:10:52 ----A---- C:\Windows\system32\wow64win.dll
2016-11-14 22:10:52 ----A---- C:\Windows\system32\winsrv.dll
2016-11-14 22:10:52 ----A---- C:\Windows\system32\wdigest.dll
2016-11-14 22:10:52 ----A---- C:\Windows\system32\TSpkg.dll
2016-11-14 22:10:52 ----A---- C:\Windows\system32\sspicli.dll
2016-11-14 22:10:52 ----A---- C:\Windows\system32\srcore.dll
2016-11-14 22:10:52 ----A---- C:\Windows\system32\smss.exe
2016-11-14 22:10:52 ----A---- C:\Windows\system32\schannel.dll
2016-11-14 22:10:52 ----A---- C:\Windows\system32\rpcrt4.dll
2016-11-14 22:10:52 ----A---- C:\Windows\system32\ncrypt.dll
2016-11-14 22:10:52 ----A---- C:\Windows\system32\lpk.dll
2016-11-14 22:10:52 ----A---- C:\Windows\system32\KernelBase.dll
2016-11-14 22:10:52 ----A---- C:\Windows\system32\kernel32.dll
2016-11-14 22:10:52 ----A---- C:\Windows\system32\kerberos.dll
2016-11-14 22:10:52 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-11-14 22:10:52 ----A---- C:\Windows\system32\ieapfltr.dll
2016-11-14 22:10:52 ----A---- C:\Windows\system32\fontsub.dll
2016-11-14 22:10:52 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-11-14 22:10:52 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-11-14 22:10:52 ----A---- C:\Windows\system32\advapi32.dll
2016-11-14 22:10:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-14 22:10:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-11-14 22:10:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-11-14 22:10:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-14 22:10:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-14 22:10:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-14 22:10:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-11-14 22:10:51 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-11-14 22:10:51 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-14 22:10:51 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-14 22:10:51 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-11-14 22:10:51 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-11-14 22:10:51 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-14 22:10:51 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-11-14 22:10:51 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-14 22:10:51 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-14 22:10:51 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-14 22:10:51 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-11-14 22:10:51 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-11-14 22:10:51 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-11-14 22:10:51 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-11-14 22:10:51 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-11-14 22:10:51 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-11-14 22:10:51 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-11-14 22:10:51 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-11-14 22:10:51 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-11-14 22:10:51 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-11-14 22:10:51 ----A---- C:\Windows\SYSWOW64\lpk.dll
2016-11-14 22:10:51 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-11-14 22:10:51 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-11-14 22:10:51 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2016-11-14 22:10:51 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2016-11-14 22:10:51 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-11-14 22:10:51 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-11-14 22:10:51 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-11-14 22:10:51 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2016-11-14 22:10:51 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-11-14 22:10:51 ----A---- C:\Windows\system32\wow64cpu.dll
2016-11-14 22:10:51 ----A---- C:\Windows\system32\wow64.dll
2016-11-14 22:10:51 ----A---- C:\Windows\system32\sspisrv.dll
2016-11-14 22:10:51 ----A---- C:\Windows\system32\srclient.dll
2016-11-14 22:10:51 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-11-14 22:10:51 ----A---- C:\Windows\system32\secur32.dll
2016-11-14 22:10:51 ----A---- C:\Windows\system32\rstrui.exe
2016-11-14 22:10:51 ----A---- C:\Windows\system32\rpchttp.dll
2016-11-14 22:10:51 ----A---- C:\Windows\system32\ntvdm64.dll
2016-11-14 22:10:51 ----A---- C:\Windows\system32\lsass.exe
2016-11-14 22:10:51 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-11-14 22:10:51 ----A---- C:\Windows\system32\drivers\appid.sys
2016-11-14 22:10:51 ----A---- C:\Windows\system32\dciman32.dll
2016-11-14 22:10:51 ----A---- C:\Windows\system32\csrsrv.dll
2016-11-14 22:10:51 ----A---- C:\Windows\system32\cryptbase.dll
2016-11-14 22:10:51 ----A---- C:\Windows\system32\credssp.dll
2016-11-14 22:10:51 ----A---- C:\Windows\system32\conhost.exe
2016-11-14 22:10:51 ----A---- C:\Windows\system32\auditpol.exe
2016-11-14 22:10:51 ----A---- C:\Windows\system32\atmlib.dll
2016-11-14 22:10:51 ----A---- C:\Windows\system32\appidsvc.dll
2016-11-14 22:10:51 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-11-14 22:10:51 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-11-14 22:10:51 ----A---- C:\Windows\system32\appidapi.dll
2016-11-14 22:10:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-11-14 22:10:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-11-14 22:10:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-11-14 22:10:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-14 22:10:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-11-14 22:10:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-14 22:10:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-11-14 22:10:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-14 22:10:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-11-14 22:10:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-14 22:10:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-11-14 22:10:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-14 22:10:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-11-14 22:10:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-11-14 22:10:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-11-14 22:10:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-11-14 22:10:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-14 22:10:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-11-14 22:10:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-11-14 22:10:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-11-14 22:10:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-11-14 22:10:50 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-11-14 22:10:50 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-11-14 22:10:50 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-11-14 22:10:50 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-14 22:10:50 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-11-14 22:10:50 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-14 22:10:50 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-11-14 22:10:50 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-14 22:10:50 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-11-14 22:10:50 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-11-14 22:10:50 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-11-14 22:10:50 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-11-14 22:10:50 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-14 22:10:50 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-11-14 22:10:50 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-11-14 22:10:50 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-11-14 22:10:50 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-11-14 22:10:50 ----A---- C:\Windows\SYSWOW64\user.exe
2016-11-14 22:10:50 ----A---- C:\Windows\SYSWOW64\tzres.dll
2016-11-14 22:10:50 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-11-14 22:10:50 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-11-14 22:10:50 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-11-14 22:10:50 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-11-14 22:10:50 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-11-14 22:10:50 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-11-14 22:10:50 ----A---- C:\Windows\system32\tzres.dll
2016-11-14 22:10:50 ----A---- C:\Windows\system32\msaudite.dll
2016-11-14 22:10:50 ----A---- C:\Windows\system32\apisetschema.dll
2016-11-14 22:10:50 ----A---- C:\Windows\system32\adtschema.dll
2016-11-14 22:10:49 ----A---- C:\Windows\system32\msobjs.dll
======List of files/folders modified in the last 1 month======
2016-11-30 18:50:19 ----D---- C:\Program Files\trend micro
2016-11-30 18:45:55 ----D---- C:\Windows\Prefetch
2016-11-30 18:43:59 ----D---- C:\Windows\System32
2016-11-30 18:43:59 ----D---- C:\Windows\inf
2016-11-30 18:43:59 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-11-30 18:37:16 ----D---- C:\Windows\Temp
2016-11-30 18:32:12 ----D---- C:\Windows
2016-11-30 18:31:24 ----D---- C:\Windows\system32\config
2016-11-30 18:29:31 ----D---- C:\Users\Libor\AppData\Roaming\MPC-HC
2016-11-30 13:10:18 ----RD---- C:\Program Files (x86)
2016-11-30 12:55:31 ----SHD---- C:\System Volume Information
2016-11-30 12:41:53 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-11-30 01:44:03 ----D---- C:\Users\Libor\AppData\Roaming\Messenger for Desktop
2016-11-29 21:08:08 ----D---- C:\Windows\system32\drivers
2016-11-26 17:27:32 ----HD---- C:\ProgramData
2016-11-24 14:25:44 ----D---- C:\FFOutput
2016-11-15 11:04:16 ----D---- C:\Windows\rescache
2016-11-15 00:03:50 ----D---- C:\Windows\winsxs
2016-11-15 00:01:14 ----D---- C:\Windows\SYSWOW64\migration
2016-11-15 00:01:14 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-11-15 00:01:14 ----D---- C:\Program Files\Internet Explorer
2016-11-15 00:01:14 ----D---- C:\Program Files (x86)\Internet Explorer
2016-11-15 00:01:13 ----D---- C:\Windows\SYSWOW64\en-US
2016-11-15 00:01:13 ----D---- C:\Windows\SysWOW64
2016-11-15 00:01:13 ----D---- C:\Windows\system32\migration
2016-11-15 00:01:13 ----D---- C:\Windows\system32\cs-CZ
2016-11-15 00:01:12 ----D---- C:\Windows\system32\en-US
2016-11-15 00:01:12 ----D---- C:\Windows\system32\Boot
2016-11-15 00:01:12 ----D---- C:\Windows\AppPatch
2016-11-14 22:16:01 ----D---- C:\Users\Libor\AppData\Roaming\Stellarium
2016-11-14 22:05:24 ----D---- C:\Windows\system32\catroot2
2016-11-13 10:07:10 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-11-13 10:07:07 ----D---- C:\Windows\system32\Macromed
2016-11-13 10:07:06 ----D---- C:\Windows\SYSWOW64\Macromed
2016-11-04 14:57:04 ----D---- C:\Users\Libor\AppData\Roaming\foobar2000
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-10-03 74544]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-10-13 293352]
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2010-05-20 105312]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2016-10-03 37144]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-10-03 103064]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-10-03 969184]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-10-03 513632]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2010-12-16 40816]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-10-03 108816]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-10-03 163416]
R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys [2011-01-27 125416]
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys [2011-01-27 385512]
R3 cmudaxp;ASUS Xonar DX Audio Interface; C:\Windows\system32\drivers\cmudaxp.sys [2011-03-10 2725376]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2016-03-08 205456]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-02-16 428136]
R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2011-01-15 36352]
S3 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-10-03 37656]
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files (x86)\MediaCoder\SysInfoX64.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2015-06-10 54784]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
S4 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-09-02 77104]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-10-03 197128]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2015-08-12 462096]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2016-03-08 1264064]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2015-09-15 644880]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-10-27 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-11-30 172488]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2009-07-16 316664]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
-----------------EOF-----------------

Please check my log
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service, where a specialist connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Last edited by ratamata on 02 Dec 2016 21:42, edited 1 time in total.
Re: Please check my log
Hello, delete the unnecessary files
using CCleaner
instructions:
Cleaner - here you clean the PC of unnecessary files and empty the Recycle Bin
Registry - here you clean the registry (before using it I recommend making the backup that CCleaner offers)
the registry cleaning needs to be repeated several times!
Tools - here you can uninstall programs, adjust what runs at system startup, and restore the system
Download and run AdwCleaner,
close all programs including the browser and double-click to run it,
a window will appear; click Scan at the top left.
When the scan finishes, click Clean,
the PC will restart, during which the junk is deleted.
After that, copy the Report here for me.
Re: Please check my log
Hi, here is the new log.
# AdwCleaner v6.030 - Log soubor vytvořen 01/12/2016 na 22:04:56
# Aktualizováno dne 19/10/2016 z Malwarebytes
# Databáze : 2016-12-01.1 [Server]
# Operační systém : Windows 7 Home Premium Service Pack 1 (X64)
# Uživatelské jméno : Libor
# Beží od : C:\Users\Libor\Desktop\adwcleaner_6.030.exe
# Mod: Čištění
# Podpora : hxxps://www.malwarebytes.com/support
***** [ Služby ] *****
***** [ Adresáře ] *****
***** [ Soubory ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Zástupce ] *****
***** [ Plánovač úloh ] *****
***** [ Registry ] *****
[-] Klíč smazán:HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
[-] Klíč smazán:HKU\S-1-5-21-1590269793-3940363470-3059051406-1000\Software\distromatic
[#] Klíč smazán po restartování:HKCU\Software\distromatic
[#] Klíč smazán po restartování:[x64] HKCU\Software\distromatic
***** [ Prohlížeče ] *****
*************************
:: "Tracing" klíč smazán
:: Winsock nastavení vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [1298 Bajtů] - [01/12/2016 22:04:56]
C:\AdwCleaner\AdwCleaner[S0].txt - [1788 Bajtů] - [30/11/2016 18:35:43]
C:\AdwCleaner\AdwCleaner[S1].txt - [1862 Bajtů] - [01/12/2016 22:04:17]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1520 Bajtů] ##########
Last edited by ratamata on 02 Dec 2016 21:43, edited 1 time in total.