Requesting a preventive check

Not having any problem with your PC at the moment and just want to make sure everything is in order?
Post a log from FRST or RSIT.

abdul99
Visitor
Posts: 277
Registered: 17 Oct 2011 20:49

#1 Post by abdul99 »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Adrian at 2015-04-18 22:03:43
Microsoft Windows 8.1
System drive C: has 322 GB (46%) free of 704 GB
Total RAM: 3971 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:03:49, on 18. 4. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Adrian\AppData\Roaming\uTorrent\utorrent.exe
C:\Program Files\trend micro\Adrian.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [AmIcoSinglun64] "C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
O4 - HKLM\..\Run: [1.TPUReg] "C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe"
O4 - HKLM\..\Run: [TSVU] "c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_134_Plugin.exe -update plugin
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra 'Tools' menuitem: Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: DTS APO Service (dts_apo_service) - Unknown owner - C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: GFNEX Service (GFNEXSrv) - Unknown owner - C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SInstalátor (ssinstall) - PS Media s.r.o. - C:\Windows\SysWOW64\ssins.exe
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: TEMPRO Service (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA eco Utility Service - Toshiba Corporation - C:\Program Files\TOSHIBA\Teco\TecoService.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12204 bytes

======Listing Processes======





wininit.exe

C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
C:\Windows\SysWOW64\ssins.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\TODDSrv.exe
"C:\Program Files\TOSHIBA\Teco\TecoService.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
C:\Windows\system32\wbem\wmiprvse.exe
ngservice.exe pipeserver
"C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe"
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
"C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe" /DisableUI
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe"
"C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe"
"C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"

C:\Windows\System32\WinLogon.exe -SpecialSession
-hiberboot
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session
taskhostex.exe
C:\Windows\Explorer.EXE
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" 78e4f9f7-2e15-457d-9041-8d2b02e91620 1
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe 0x4
ClassicStartMenu.exe -startup
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Windows\system32\igfxsrvc.exe" -Embedding
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\TOSHIBA\Teco\TecoResident.exe"
"C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe"
"C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe"
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe"
"C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe" /hide
"C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17499_x64__8wekyb3d8bbwe\glcnd.exe" -ServerName:Microsoft.Reader.AppXtszmc7avrx02s7n8gch63tzwg517wd9k.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\SysWOW64\DllHost.exe /Processid:{45BA127D-10A8-46EA-8AB7-56EA9078943C}
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-915bc2eb-9789-4bd1-b9e9-84fcb8f2a0b7 -SystemEventPortName:HostProcess-078f95e7-83c0-4439-9139-df4a38c0590a -IoCancelEventPortName:HostProcess-52704262-1b5a-438f-bb6e-4a47448648d3 -NonStateChangingEventPortName:HostProcess-8f2a2f83-e4a5-4cdc-b481-f2bbfa09202a -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:e4f6ea22-3d08-4602-9d2b-de9a57471e30 -DeviceGroupId:WpdFsGroup
taskhost.exe
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Users\Adrian\AppData\Roaming\uTorrent\utorrent.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe48_ Global\UsGthrCtrlFltPipeMssGthrPipe48 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"

"C:\Windows\system32\SearchFilterHost.exe" 0 564 568 576 65536 572
"C:\Users\Adrian\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\AutoKMS.job - C:\Windows\AutoKMS.exe
C:\Windows\tasks\AutoKMSDaily.job - C:\Windows\AutoKMS.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\idumb2aa.default

prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.134 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.134 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20 803520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-01-02 705448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-04-13 256456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 688528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20 483520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files (x86)\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll [2003-05-12 50376]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20 683200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-01-02 586968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-04-13 194504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-20 440512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20 803520]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-04-13 256456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20 683200]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-04-13 194504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2013-09-20 391152]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2013-09-20 771056]
"Persistence"=C:\Windows\system32\igfxpers.exe [2013-09-20 769520]
"TSSSrv"=C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [2013-09-12 296520]
"TecoResident"=C:\Program Files\TOSHIBA\Teco\TecoResident.exe [2013-08-21 178016]
"TosWaitSrv"=C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [2013-08-14 354144]
"TCrdMain"=C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2013-08-18 2556768]
"Classic Start Menu"=C:\Program Files\Classic Shell\ClassicStartMenu.exe [2014-04-20 161984]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-03-28 2673296]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2015-03-28 1570672]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 112512]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"=C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [2013-11-28 1199576]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-01-20 7404312]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_134_Plugin.exe [2015-04-13 962224]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2002-04-12 383768]
"1.TPUReg"=C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe [2013-03-27 2216800]
"TSVU"=c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [2013-07-23 516512]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-03-20 5227648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2013-09-16 623104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-04-18 22:03:43 ----D---- C:\rsit
2015-04-18 19:52:17 ----D---- C:\Program Files\DIFX
2015-04-18 19:50:52 ----D---- C:\Users\Adrian\AppData\Roaming\Garmin
2015-04-18 19:26:42 ----D---- C:\ProgramData\GARMIN
2015-04-18 19:26:42 ----D---- C:\Program Files (x86)\Garmin
2015-04-18 16:23:27 ----D---- C:\ProgramData\Baidu
2015-04-18 16:14:38 ----A---- C:\Windows\AutoKMS.ini
2015-04-18 16:14:38 ----A---- C:\Windows\AutoKMS.exe
2015-04-18 16:14:13 ----A---- C:\Windows\KMSEmulator.exe
2015-04-18 14:23:49 ----A---- C:\Windows\SYSWOW64\Vb6de.dll
2015-04-18 14:23:49 ----A---- C:\Windows\SYSWOW64\Cmdlgde.dll
2015-04-18 14:23:48 ----A---- C:\Windows\UNWISE.EXE
2015-04-18 14:23:48 ----A---- C:\Windows\SYSWOW64\Sysinde.dll
2015-04-18 14:23:48 ----A---- C:\Windows\SYSWOW64\Mscmcde.dll
2015-04-18 14:23:48 ----A---- C:\Windows\SYSWOW64\Ctl3dv2.dll
2015-04-18 13:28:12 ----D---- C:\Users\Adrian\AppData\Roaming\AdobeUM
2015-04-18 13:18:07 ----D---- C:\Program Files\Common Files\DESIGNER
2015-04-18 13:16:46 ----D---- C:\Program Files\Microsoft Synchronization Services
2015-04-18 13:15:12 ----D---- C:\Windows\PCHEALTH
2015-04-18 13:15:12 ----D---- C:\Program Files\Microsoft Sync Framework
2015-04-18 13:15:12 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2015-04-18 13:12:38 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2015-04-18 13:09:50 ----D---- C:\Program Files\Microsoft Analysis Services
2015-04-18 13:09:50 ----D---- C:\Program Files (x86)\Microsoft Analysis Services
2015-04-18 13:09:04 ----D---- C:\Program Files\Microsoft Office
2015-04-18 13:09:03 ----D---- C:\ProgramData\Microsoft Help
2015-04-18 13:08:20 ----RHD---- C:\MSOCache
2015-04-13 21:10:43 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-04-13 20:02:34 ----D---- C:\Program Files\Google
2015-04-13 20:02:17 ----D---- C:\ProgramData\Google
2015-04-13 20:01:53 ----D---- C:\Program Files (x86)\Google
2015-03-24 20:37:40 ----D---- C:\Users\Adrian\AppData\Roaming\16454
2015-03-23 21:56:32 ----D---- C:\ProgramData\WinZip
2015-03-23 21:53:22 ----D---- C:\Spidla
2015-03-23 01:49:43 ----SHD---- C:\$RECYCLE.BIN
2015-03-23 01:43:26 ----A---- C:\Windows\zoek-delete.exe
2015-03-23 01:43:25 ----D---- C:\Windows\Temp
2015-03-21 23:13:38 ----D---- C:\Users\Adrian\AppData\Roaming\MAGIX
2015-03-21 22:47:21 ----D---- C:\Program Files (x86)\MAGIX
2015-03-21 22:47:05 ----D---- C:\Program Files (x86)\MSXML 4.0
2015-03-21 22:47:00 ----D---- C:\ProgramData\MAGIX
2015-03-20 23:34:13 ----D---- C:\Windows\SYSWOW64\NV
2015-03-20 23:34:13 ----D---- C:\Windows\system32\NV
2015-03-20 22:11:48 ----A---- C:\Windows\SYSWOW64\calc.exe
2015-03-20 22:11:48 ----A---- C:\Windows\system32\calc.exe
2015-03-20 22:11:42 ----A---- C:\Windows\system32\drivers\WdFilter.sys
2015-03-20 22:11:41 ----A---- C:\Windows\system32\drivers\WdNisDrv.sys
2015-03-20 22:11:41 ----A---- C:\Windows\system32\drivers\WdBoot.sys
2015-03-20 22:11:38 ----A---- C:\Windows\system32\winshfhc.dll
2015-03-20 22:11:37 ----A---- C:\Windows\SYSWOW64\winshfhc.dll
2015-03-20 22:10:46 ----A---- C:\Windows\SYSWOW64\SHCore.dll
2015-03-20 22:10:46 ----A---- C:\Windows\system32\SHCore.dll
2015-03-20 22:10:35 ----A---- C:\Windows\SYSWOW64\photowiz.dll
2015-03-20 22:10:35 ----A---- C:\Windows\system32\photowiz.dll
2015-03-20 22:10:34 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-03-20 22:10:34 ----A---- C:\Windows\system32\win32k.sys
2015-03-20 22:10:34 ----A---- C:\Windows\system32\schannel.dll
2015-03-20 22:10:34 ----A---- C:\Windows\system32\msftedit.dll
2015-03-20 22:10:33 ----A---- C:\Windows\SYSWOW64\msftedit.dll
2015-03-20 22:10:33 ----A---- C:\Windows\SYSWOW64\lpk.dll
2015-03-20 22:10:33 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2015-03-20 22:10:33 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2015-03-20 22:10:33 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-03-20 22:10:33 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-03-20 22:10:33 ----A---- C:\Windows\system32\lpk.dll
2015-03-20 22:10:33 ----A---- C:\Windows\system32\fontsub.dll
2015-03-20 22:10:33 ----A---- C:\Windows\system32\dciman32.dll
2015-03-20 22:10:33 ----A---- C:\Windows\system32\atmlib.dll
2015-03-20 22:10:33 ----A---- C:\Windows\system32\atmfd.dll
2015-03-20 22:10:29 ----A---- C:\Windows\system32\win32spl.dll
2015-03-20 22:10:29 ----A---- C:\Windows\system32\puiobj.dll
2015-03-20 22:10:29 ----A---- C:\Windows\system32\localspl.dll
2015-03-20 22:10:27 ----A---- C:\Windows\SYSWOW64\puiobj.dll
2015-03-20 22:10:27 ----A---- C:\Windows\SYSWOW64\DafPrintProvider.dll
2015-03-20 22:10:27 ----A---- C:\Windows\system32\DafPrintProvider.dll
2015-03-20 22:10:26 ----A---- C:\Windows\SYSWOW64\puiapi.dll
2015-03-20 22:10:26 ----A---- C:\Windows\SYSWOW64\prnntfy.dll
2015-03-20 22:10:26 ----A---- C:\Windows\SYSWOW64\printui.exe
2015-03-20 22:10:26 ----A---- C:\Windows\SYSWOW64\findnetprinters.dll
2015-03-20 22:10:26 ----A---- C:\Windows\SYSWOW64\compstui.dll
2015-03-20 22:10:26 ----A---- C:\Windows\system32\puiapi.dll
2015-03-20 22:10:26 ----A---- C:\Windows\system32\prnntfy.dll
2015-03-20 22:10:26 ----A---- C:\Windows\system32\printui.exe
2015-03-20 22:10:26 ----A---- C:\Windows\system32\findnetprinters.dll
2015-03-20 22:10:26 ----A---- C:\Windows\system32\drivers\ndis.sys
2015-03-20 22:10:26 ----A---- C:\Windows\system32\compstui.dll
2015-03-20 22:10:25 ----AC---- C:\Windows\system32\fsquirt.exe
2015-03-20 22:10:25 ----AC---- C:\Windows\system32\drivers\hidbth.sys
2015-03-20 22:10:25 ----AC---- C:\Windows\system32\drivers\bthport.sys
2015-03-20 22:10:25 ----A---- C:\Windows\SYSWOW64\dwmcore.dll
2015-03-20 22:10:25 ----A---- C:\Windows\system32\dwmcore.dll
2015-03-20 22:10:24 ----AC---- C:\Windows\system32\drivers\rfcomm.sys
2015-03-20 22:10:24 ----AC---- C:\Windows\system32\drivers\BTHUSB.SYS
2015-03-20 22:10:24 ----AC---- C:\Windows\system32\drivers\bthenum.sys
2015-03-20 22:10:23 ----A---- C:\Windows\system32\D3DCompiler_47.dll
2015-03-20 22:10:23 ----A---- C:\Windows\system32\atlthunk.dll
2015-03-20 22:10:22 ----A---- C:\Windows\SYSWOW64\mfc42u.dll
2015-03-20 22:10:22 ----A---- C:\Windows\SYSWOW64\mfc42.dll
2015-03-20 22:10:22 ----A---- C:\Windows\SYSWOW64\D3DCompiler_47.dll
2015-03-20 22:10:22 ----A---- C:\Windows\SYSWOW64\atlthunk.dll
2015-03-20 22:10:22 ----A---- C:\Windows\system32\mfc42u.dll
2015-03-20 22:10:21 ----A---- C:\Windows\system32\mfc42.dll
2015-03-20 22:10:20 ----A---- C:\Windows\SYSWOW64\WSShared.dll
2015-03-20 22:10:20 ----A---- C:\Windows\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-20 22:10:20 ----A---- C:\Windows\SYSWOW64\Windows.ApplicationModel.Store.dll
2015-03-20 22:10:20 ----A---- C:\Windows\system32\WSShared.dll
2015-03-20 22:10:20 ----A---- C:\Windows\system32\WSReset.exe
2015-03-20 22:10:20 ----A---- C:\Windows\system32\WSCollect.exe
2015-03-20 22:10:20 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-20 22:10:20 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.dll
2015-03-20 22:10:17 ----A---- C:\Windows\SYSWOW64\StorageContextHandler.dll
2015-03-20 22:10:17 ----A---- C:\Windows\SYSWOW64\authui.dll
2015-03-20 22:10:17 ----A---- C:\Windows\system32\StorageContextHandler.dll
2015-03-20 22:10:17 ----A---- C:\Windows\system32\authui.dll
2015-03-20 22:10:16 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-03-20 22:10:16 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-03-20 22:10:16 ----A---- C:\Windows\system32\ntdll.dll
2015-03-20 22:10:11 ----A---- C:\Windows\system32\ubpm.dll
2015-03-20 22:10:11 ----A---- C:\Windows\system32\rfxvmt.dll
2015-03-20 22:10:11 ----A---- C:\Windows\system32\rdpudd.dll
2015-03-20 22:10:11 ----A---- C:\Windows\system32\rdpcorets.dll
2015-03-20 22:10:11 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2015-03-20 22:10:10 ----A---- C:\Windows\SYSWOW64\eapphost.dll
2015-03-20 22:10:10 ----A---- C:\Windows\SYSWOW64\eappgnui.dll
2015-03-20 22:10:10 ----A---- C:\Windows\SYSWOW64\eappcfg.dll
2015-03-20 22:10:10 ----A---- C:\Windows\SYSWOW64\eapp3hst.dll
2015-03-20 22:10:10 ----A---- C:\Windows\system32\eapphost.dll
2015-03-20 22:10:10 ----A---- C:\Windows\system32\eappgnui.dll
2015-03-20 22:10:10 ----A---- C:\Windows\system32\eappcfg.dll
2015-03-20 22:10:10 ----A---- C:\Windows\system32\eapp3hst.dll
2015-03-20 22:10:09 ----A---- C:\Windows\SYSWOW64\eappprxy.dll
2015-03-20 22:10:09 ----A---- C:\Windows\system32\eappprxy.dll
2015-03-20 22:09:53 ----A---- C:\Windows\system32\mshtml.dll
2015-03-20 22:09:52 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-03-20 22:09:49 ----A---- C:\Windows\system32\jscript9.dll
2015-03-20 22:09:49 ----A---- C:\Windows\system32\ieframe.dll
2015-03-20 22:09:44 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-03-20 22:09:40 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-03-20 22:09:40 ----A---- C:\Windows\system32\wininet.dll
2015-03-20 22:09:40 ----A---- C:\Windows\system32\iertutil.dll
2015-03-20 22:09:39 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-03-20 22:09:39 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-03-20 22:09:39 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2015-03-20 22:09:39 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-03-20 22:09:39 ----A---- C:\Windows\system32\urlmon.dll
2015-03-20 22:09:39 ----A---- C:\Windows\system32\inetcomm.dll
2015-03-20 22:09:38 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-03-20 22:09:37 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-03-20 22:09:37 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-03-20 22:09:37 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-03-20 22:09:37 ----A---- C:\Windows\system32\vbscript.dll
2015-03-20 22:09:37 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-03-20 22:09:37 ----A---- C:\Windows\system32\msfeeds.dll
2015-03-20 22:09:37 ----A---- C:\Windows\system32\iepeers.dll
2015-03-20 22:09:37 ----A---- C:\Windows\system32\dxtrans.dll
2015-03-20 22:09:37 ----A---- C:\Windows\system32\actxprxy.dll
2015-03-20 22:09:36 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2015-03-20 22:09:36 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-03-20 22:09:36 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-03-20 22:09:36 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2015-03-20 22:09:36 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-03-20 22:09:36 ----A---- C:\Windows\system32\webcheck.dll
2015-03-20 22:09:36 ----A---- C:\Windows\system32\mshtmled.dll
2015-03-20 22:09:36 ----A---- C:\Windows\system32\jscript9diag.dll
2015-03-20 22:09:36 ----A---- C:\Windows\system32\jscript.dll
2015-03-20 22:09:36 ----A---- C:\Windows\system32\iedkcs32.dll
2015-03-20 22:09:36 ----A---- C:\Windows\system32\ieapfltr.dll
2015-03-20 22:09:26 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2015-03-20 22:09:26 ----A---- C:\Windows\system32\WindowsCodecs.dll
2015-03-20 22:09:26 ----A---- C:\Windows\system32\LockScreenContentServer.exe
2015-03-20 22:09:25 ----A---- C:\Windows\system32\shell32.dll
2015-03-20 22:09:24 ----A---- C:\Windows\SYSWOW64\shell32.dll
2015-03-20 22:09:16 ----A---- C:\Windows\SYSWOW64\MrmCoreR.dll
2015-03-20 22:09:16 ----A---- C:\Windows\system32\MrmCoreR.dll
2015-03-20 22:09:15 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2015-03-20 22:09:15 ----A---- C:\Windows\system32\WMPhoto.dll
2015-03-20 22:09:15 ----A---- C:\Windows\explorer.exe
2015-03-20 22:09:14 ----A---- C:\Windows\SYSWOW64\explorer.exe
2015-03-20 22:09:13 ----A---- C:\Windows\SYSWOW64\msctf.dll
2015-03-20 22:09:13 ----A---- C:\Windows\system32\msctf.dll
2015-03-20 22:00:44 ----D---- C:\ProgramData\{ed246866-b7f3-4517-ed24-46866b7fa19a}
2015-03-20 21:33:13 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2015-03-20 21:33:13 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2015-03-20 21:33:13 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2015-03-20 21:33:13 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2015-03-20 21:33:13 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2015-03-20 21:33:13 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2015-03-20 21:33:13 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2015-03-20 21:33:13 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2015-03-20 21:33:13 ----A---- C:\Windows\system32\nvwgf2umx.dll
2015-03-20 21:33:13 ----A---- C:\Windows\system32\nvopencl.dll
2015-03-20 21:33:13 ----A---- C:\Windows\system32\nvoglv64.dll
2015-03-20 21:33:13 ----A---- C:\Windows\system32\nvoglshim64.dll
2015-03-20 21:33:13 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2015-03-20 21:33:13 ----A---- C:\Windows\system32\NvIFR64.dll
2015-03-20 21:33:13 ----A---- C:\Windows\system32\NvFBC64.dll
2015-03-20 21:33:13 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2015-03-20 21:33:13 ----A---- C:\Windows\system32\nvdispgenco6434788.dll
2015-03-20 21:33:13 ----A---- C:\Windows\system32\nvdispco6434788.dll
2015-03-20 21:33:13 ----A---- C:\Windows\system32\drivers\nvpciflt.sys
2015-03-20 21:33:13 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2015-03-20 21:33:12 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2015-03-20 21:33:12 ----A---- C:\Windows\system32\nvd3dumx.dll
2015-03-20 21:33:12 ----A---- C:\Windows\system32\nvcuvid.dll
2015-03-20 21:33:11 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2015-03-20 21:33:11 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2015-03-20 21:33:11 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2015-03-20 21:33:11 ----A---- C:\Windows\system32\nvcuda.dll
2015-03-20 21:33:11 ----A---- C:\Windows\system32\nvcompiler.dll
2015-03-20 21:33:11 ----A---- C:\Windows\system32\nvapi64.dll

======List of files/folders modified in the last 1 month======

2015-04-18 22:03:48 ----D---- C:\Program Files\trend micro
2015-04-18 22:03:35 ----D---- C:\Users\Adrian\AppData\Roaming\uTorrent
2015-04-18 22:00:00 ----D---- C:\Windows\system32\sru
2015-04-18 21:55:17 ----D---- C:\Windows\Prefetch
2015-04-18 20:34:39 ----SD---- C:\Users\Adrian\AppData\Roaming\Microsoft
2015-04-18 20:33:16 ----D---- C:\Users\Adrian\AppData\Roaming\ClassicShell
2015-04-18 20:32:26 ----SHD---- C:\Windows\Installer
2015-04-18 19:52:29 ----D---- C:\Windows\SysWOW64
2015-04-18 19:52:17 ----RD---- C:\Program Files
2015-04-18 19:52:17 ----D---- C:\Windows\system32\DriverStore
2015-04-18 19:52:17 ----D---- C:\Windows\system32\catroot
2015-04-18 19:52:17 ----D---- C:\Windows\Inf
2015-04-18 19:49:43 ----SHD---- C:\System Volume Information
2015-04-18 19:30:49 ----D---- C:\Windows\system32\config
2015-04-18 19:26:42 ----RD---- C:\Program Files (x86)
2015-04-18 19:26:42 ----AHD---- C:\ProgramData
2015-04-18 19:24:31 ----D---- C:\Windows\system32\catroot2
2015-04-18 16:14:39 ----D---- C:\Windows\Tasks
2015-04-18 16:14:39 ----D---- C:\Windows\system32\Tasks
2015-04-18 16:14:38 ----AD---- C:\Windows
2015-04-18 14:08:16 ----D---- C:\Windows\debug
2015-04-18 13:43:24 ----D---- C:\Windows\CbsTemp
2015-04-18 13:43:20 ----D---- C:\Windows\WinSxS
2015-04-18 13:22:15 ----D---- C:\Windows\Microsoft.NET
2015-04-18 13:21:59 ----RSD---- C:\Windows\assembly
2015-04-18 13:20:05 ----RAD---- C:\Windows\System32
2015-04-18 13:20:05 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-04-18 13:18:43 ----RSD---- C:\Windows\Fonts
2015-04-18 13:18:19 ----D---- C:\Windows\ShellNew
2015-04-18 13:18:08 ----D---- C:\Program Files\Common Files\microsoft shared
2015-04-18 13:18:07 ----D---- C:\Program Files\Common Files
2015-04-18 13:16:10 ----D---- C:\Program Files (x86)\MSBuild
2015-04-18 13:15:12 ----SD---- C:\ProgramData\Microsoft
2015-04-18 13:15:12 ----D---- C:\Program Files (x86)\Microsoft.NET
2015-04-18 13:11:10 ----A---- C:\Windows\win.ini
2015-04-18 13:11:08 ----D---- C:\Program Files\Common Files\System
2015-04-18 13:09:12 ----D---- C:\Program Files (x86)\Microsoft Office
2015-04-18 12:54:07 ----HD---- C:\Program Files\WindowsApps
2015-04-18 12:53:54 ----D---- C:\Windows\AppReadiness
2015-04-13 21:27:39 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-28 05:44:01 ----A---- C:\Windows\SYSWOW64\nvspcap.dll
2015-03-28 05:44:01 ----A---- C:\Windows\SYSWOW64\nvspbridge.dll
2015-03-28 05:43:39 ----A---- C:\Windows\system32\nvspcap64.dll
2015-03-28 05:43:39 ----A---- C:\Windows\system32\nvspbridge64.dll
2015-03-25 23:25:48 ----D---- C:\Windows\rescache
2015-03-25 21:24:35 ----A---- C:\DelFix.txt
2015-03-25 21:08:03 ----D---- C:\Windows\system32\drivers\etc
2015-03-23 23:16:49 ----D---- C:\Windows\system32\drivers
2015-03-23 23:16:49 ----D---- C:\Program Files\Windows Defender
2015-03-23 23:16:49 ----D---- C:\Program Files (x86)\Windows Defender
2015-03-23 23:16:47 ----D---- C:\Windows\SYSWOW64\en-US
2015-03-23 23:16:47 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-03-23 23:16:47 ----D---- C:\Windows\system32\en-US
2015-03-23 23:16:47 ----D---- C:\Windows\system32\cs-CZ
2015-03-23 23:16:46 ----RD---- C:\Windows\ToastData
2015-03-23 23:16:45 ----D---- C:\Windows\WinStore
2015-03-23 23:16:43 ----D---- C:\Program Files\Internet Explorer
2015-03-23 23:16:43 ----D---- C:\Program Files (x86)\Internet Explorer
2015-03-23 22:50:57 ----D---- C:\Windows\system32\MRT
2015-03-23 22:48:24 ----A---- C:\Windows\system32\MRT.exe
2015-03-21 22:47:13 ----D---- C:\Windows\Help
2015-03-21 22:46:58 ----D---- C:\Program Files (x86)\Common Files
2015-03-20 23:20:29 ----D---- C:\Program Files (x86)\Ubisoft
2015-03-20 21:36:19 ----D---- C:\ProgramData\NVIDIA
2015-03-20 21:34:34 ----D---- C:\Program Files\NVIDIA Corporation

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-01-02 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-01-02 267632]
R0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys [2013-08-07 644968]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2015-03-13 32456]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2015-01-12 386680]
R0 tos_sps64;@oem21.inf,%SERVICE_DESC_amd64%;TOSHIBA tos_sps64 Service; C:\Windows\System32\drivers\tos_sps64.sys [2012-06-18 499096]
R0 TVALZ;@oem17.inf,%TVALZ.SvcDesc%;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\System32\drivers\TVALZ_O.SYS [2013-08-15 32832]
R0 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver; C:\Windows\System32\Drivers\TVALZFL.sys [2012-07-22 16768]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-01-02 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-01-02 1050432]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-01-02 436624]
R1 dtsoftbus01;@oem32.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\Windows\System32\drivers\dtsoftbus01.sys [2015-01-12 283064]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-01-02 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-01-02 83280]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-01-02 116728]
R2 PEGAGFN;PEGAGFN; \??\C:\Program Files (x86)\TOSHIBA\PasswordUtility\PEGAGFN.sys [2009-09-11 14344]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-01-02 271752]
R3 AmUStor;@oem20.inf,%AmUStor.SvcDesc%;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2013-06-25 109336]
R3 athr;@oem18.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athwbx.sys [2013-08-16 3859968]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2013-10-01 594632]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\Windows\System32\drivers\BthEnum.sys [2014-10-29 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\System32\drivers\BthLEEnum.sys [2013-12-04 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2014-07-24 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2013-09-16 4177920]
R3 IntcDAud;@oem3.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2013-09-16 449528]
R3 iwdbus;@oem6.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2013-08-23 26008]
R3 L1C;@oem13.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C63x64.sys [2013-07-18 130248]
R3 MEIx64;@oem2.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2013-09-04 99288]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2015-03-13 10262160]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-03-28 19600]
R3 nvvad_WaveExtensible;@oem30.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-11-22 38032]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2013-08-22 34544]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10301; C:\Windows\system32\DRIVERS\stwrt64.sys [2013-08-16 551936]
R3 SynTP;@oem23.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2014-08-06 528112]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2012-07-25 31184]
R3 Thotkey;@oem14.inf,%Thotkey%;Toshiba Hotkey Driver; C:\Windows\System32\drivers\Thotkey.sys [2013-08-19 32624]
R3 tosrfec;@oem22.inf,%busenum.SVCDESC%;Bluetooth ACPI; C:\Windows\System32\drivers\tosrfec.sys [2013-11-01 27032]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-08-22 212224]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2014-10-29 1198080]
S3 dtscsidrv;dtscsidrv; C:\Windows\system32\drivers\dtscsidrv.sys [2015-01-12 309248]
S3 intaud_WaveExtensible;@oem5.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2013-08-23 39320]
S3 nmwcd;@oem36.inf,%MFG% %SVC%;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 nmwcdc;@oem40.inf,%MFG% %SVC%;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 RTWlanE;@netrtwlane.inf,%RTWlanE.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\Windows\system32\DRIVERS\rtwlane.sys [2013-07-31 1936088]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2011-08-17 9216]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-22 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-08-17 9216]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2013-10-01 312448]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-01-02 50344]
R2 dts_apo_service;DTS APO Service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [2013-09-10 19792]
R2 Fabs;FABS - Helping agent for MAGIX media database; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2012-01-23 1858048]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-03-28 1152144]
R2 GFNEXSrv;GFNEX Service; C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe [2013-03-27 163168]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-05-12 733696]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-09-04 131544]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-04 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-09-04 390616]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-03-28 1878672]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-03-28 22995600]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-03-13 935056]
R2 ssinstall;SInstalátor; C:\Windows\SysWOW64\ssins.exe [2015-01-08 2324216]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe [2013-08-16 339456]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2009-07-28 140632]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\Teco\TecoService.exe [2013-08-10 328544]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-01-02 4012248]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 TemproMonitoringService;TEMPRO Service; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2013-07-19 116088]
R3 TMachInfo;TMachInfo; C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2013-07-31 53864]
R3 TPCHSrv;TPCH Service; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2013-09-04 466504]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-13 116648]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2013-09-20 279024]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2011-04-26 2702848]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-22 43696]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-13 116648]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2015-04-13 194032]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-05-12 822232]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 51456888]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-04-13 148080]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]

-----------------EOF-----------------

Roli
VIP
Posts: 13400
Joined: 26 Nov 2006 13:37
Location: Czech Republic

Re: requesting a preventive check

#2 Post by Roli »

Hello, so what are we going to do about that illegal Microsoft product?
| Rsit | Mbam | AVPTool | Cure It |

I rest on weekends :all_coholic:

abdul99
Visitor
Posts: 277
Joined: 17 Oct 2011 20:49

Re: requesting a preventive check

#3 Post by abdul99 »

Shall we delete it? And apart from that, is everything OK? :oops:

Roli
VIP
Posts: 13400
Joined: 26 Nov 2006 13:37
Location: Czech Republic

Re: requesting a preventive check

#4 Post by Roli »

abdul99 wrote: Shall we delete it? And apart from that, is everything OK? :oops:
Once you have uninstalled it, post a current RSIT log here and we will fine-tune it.

abdul99
Visitor
Posts: 277
Joined: 17 Oct 2011 20:49

Re: requesting a preventive check

#5 Post by abdul99 »

Sorry for replying only now, but I couldn't get to the laptop. Deleted.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Adrian at 2015-04-27 20:27:48
Microsoft Windows 8.1
System drive C: has 321 GB (46%) free of 704 GB
Total RAM: 3971 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:27:51, on 27. 4. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Adrian.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [AmIcoSinglun64] "C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
O4 - HKLM\..\Run: [1.TPUReg] "C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe"
O4 - HKLM\..\Run: [TSVU] "c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra 'Tools' menuitem: Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: DTS APO Service (dts_apo_service) - Unknown owner - C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: GFNEX Service (GFNEXSrv) - Unknown owner - C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SInstalátor (ssinstall) - PS Media s.r.o. - C:\Windows\SysWOW64\ssins.exe
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: TEMPRO Service (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA eco Utility Service - Toshiba Corporation - C:\Program Files\TOSHIBA\Teco\TecoService.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10929 bytes

======Listing Processes======





wininit.exe

winlogon.exe

C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"dwm.exe"
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
taskeng.exe {0590FE23-4EEA-4DC9-BD8F-8ACEF7FB072A}
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
taskhostex.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
ClassicStartMenu.exe -startup
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\Windows\SysWOW64\ssins.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\TODDSrv.exe
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" 78e4f9f7-2e15-457d-9041-8d2b02e91620 1
"C:\Program Files\TOSHIBA\Teco\TecoService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe 0x4
\??\C:\Windows\system32\conhost.exe 0x4
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\system32\igfxsrvc.exe" -Embedding
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe"
"C:\Program Files\TOSHIBA\Teco\TecoResident.exe"
"C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe"
"C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe"
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
ngservice.exe pipeserver
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe" /DisableUI
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\system32\GWX\GWXConfigManager.exe /RunAppraiser
"C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe" /hide
"C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe"
"C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe"
wmiadap.exe /F /T /R
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"


C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Adrian\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\AutoKMS.job - C:\Windows\AutoKMS.exe
C:\Windows\tasks\AutoKMSDaily.job - C:\Windows\AutoKMS.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\idumb2aa.default

prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.134 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.134 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20 803520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-01-02 705448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-04-13 256456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20 483520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files (x86)\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll [2003-05-12 50376]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20 683200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-01-02 586968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-04-13 194504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-20 440512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20 803520]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-04-13 256456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20 683200]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-04-13 194504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2013-09-20 391152]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2013-09-20 771056]
"Persistence"=C:\Windows\system32\igfxpers.exe [2013-09-20 769520]
"TSSSrv"=C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [2013-09-12 296520]
"TecoResident"=C:\Program Files\TOSHIBA\Teco\TecoResident.exe [2013-08-21 178016]
"TosWaitSrv"=C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [2013-08-14 354144]
"TCrdMain"=C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2013-08-18 2556768]
"Classic Start Menu"=C:\Program Files\Classic Shell\ClassicStartMenu.exe [2014-04-20 161984]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-03-28 2673296]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2015-03-28 1570672]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"=C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [2013-11-28 1199576]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-01-20 7404312]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2002-04-12 383768]
"1.TPUReg"=C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe [2013-03-27 2216800]
"TSVU"=c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [2013-07-23 516512]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-03-20 5227648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2013-09-16 623104]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-04-27 20:11:40 ----SHD---- C:\Config.Msi
2015-04-19 13:59:18 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-04-19 07:53:14 ----SD---- C:\Windows\SYSWOW64\GWX
2015-04-19 07:53:14 ----SD---- C:\Windows\system32\GWX
2015-04-19 07:53:14 ----SD---- C:\Windows\system32\CompatTel
2015-04-19 07:53:14 ----D---- C:\Windows\system32\appraiser
2015-04-19 07:41:47 ----D---- C:\Windows\SYSWOW64\NV
2015-04-19 07:41:47 ----D---- C:\Windows\system32\NV
2015-04-19 07:38:57 ----A---- C:\Windows\system32\nvdispgenco6435012.dll
2015-04-19 07:38:57 ----A---- C:\Windows\system32\nvdispco6435012.dll
2015-04-19 07:38:56 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2015-04-19 07:38:56 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2015-04-19 07:38:56 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2015-04-19 07:38:56 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2015-04-19 07:38:56 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2015-04-19 07:38:56 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2015-04-19 07:38:56 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2015-04-19 07:38:56 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2015-04-19 07:38:56 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2015-04-19 07:38:56 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2015-04-19 07:38:56 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2015-04-19 07:38:56 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2015-04-19 07:38:56 ----A---- C:\Windows\system32\nvwgf2umx.dll
2015-04-19 07:38:56 ----A---- C:\Windows\system32\nvopencl.dll
2015-04-19 07:38:56 ----A---- C:\Windows\system32\nvoglv64.dll
2015-04-19 07:38:56 ----A---- C:\Windows\system32\nvoglshim64.dll
2015-04-19 07:38:56 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2015-04-19 07:38:56 ----A---- C:\Windows\system32\NvIFR64.dll
2015-04-19 07:38:56 ----A---- C:\Windows\system32\NvFBC64.dll
2015-04-19 07:38:56 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2015-04-19 07:38:56 ----A---- C:\Windows\system32\nvd3dumx.dll
2015-04-19 07:38:56 ----A---- C:\Windows\system32\nvcuvid.dll
2015-04-19 07:38:56 ----A---- C:\Windows\system32\nvcuda.dll
2015-04-19 07:38:56 ----A---- C:\Windows\system32\nvcompiler.dll
2015-04-19 07:38:56 ----A---- C:\Windows\system32\drivers\nvpciflt.sys
2015-04-19 07:38:56 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2015-04-18 22:03:43 ----D---- C:\rsit
2015-04-18 19:52:17 ----D---- C:\Program Files\DIFX
2015-04-18 19:50:52 ----D---- C:\Users\Adrian\AppData\Roaming\Garmin
2015-04-18 19:26:42 ----D---- C:\ProgramData\GARMIN
2015-04-18 19:26:42 ----D---- C:\Program Files (x86)\Garmin
2015-04-18 16:23:27 ----D---- C:\ProgramData\Baidu
2015-04-18 16:14:38 ----A---- C:\Windows\AutoKMS.ini
2015-04-18 16:14:38 ----A---- C:\Windows\AutoKMS.exe
2015-04-18 16:14:13 ----A---- C:\Windows\KMSEmulator.exe
2015-04-18 14:23:49 ----A---- C:\Windows\SYSWOW64\Vb6de.dll
2015-04-18 14:23:49 ----A---- C:\Windows\SYSWOW64\Cmdlgde.dll
2015-04-18 14:23:48 ----A---- C:\Windows\UNWISE.EXE
2015-04-18 14:23:48 ----A---- C:\Windows\SYSWOW64\Sysinde.dll
2015-04-18 14:23:48 ----A---- C:\Windows\SYSWOW64\Mscmcde.dll
2015-04-18 14:23:48 ----A---- C:\Windows\SYSWOW64\Ctl3dv2.dll
2015-04-18 13:45:54 ----A---- C:\Windows\system32\tdh.dll
2015-04-18 13:45:54 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-04-18 13:45:53 ----A---- C:\Windows\SYSWOW64\tdh.dll
2015-04-18 13:45:53 ----A---- C:\Windows\SYSWOW64\sechost.dll
2015-04-18 13:45:53 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-04-18 13:45:53 ----A---- C:\Windows\system32\sechost.dll
2015-04-18 13:45:53 ----A---- C:\Windows\system32\ntdll.dll
2015-04-18 13:45:52 ----A---- C:\Windows\SYSWOW64\typeperf.exe
2015-04-18 13:45:52 ----A---- C:\Windows\SYSWOW64\tracerpt.exe
2015-04-18 13:45:52 ----A---- C:\Windows\SYSWOW64\logman.exe
2015-04-18 13:45:52 ----A---- C:\Windows\system32\tracerpt.exe
2015-04-18 13:45:52 ----A---- C:\Windows\system32\microsoft-windows-system-events.dll
2015-04-18 13:45:52 ----A---- C:\Windows\system32\logman.exe
2015-04-18 13:45:51 ----A---- C:\Windows\SYSWOW64\relog.exe
2015-04-18 13:45:51 ----A---- C:\Windows\SYSWOW64\diskperf.exe
2015-04-18 13:45:51 ----A---- C:\Windows\system32\wow64.dll
2015-04-18 13:45:51 ----A---- C:\Windows\system32\typeperf.exe
2015-04-18 13:45:51 ----A---- C:\Windows\system32\relog.exe
2015-04-18 13:45:51 ----A---- C:\Windows\system32\diskperf.exe
2015-04-18 13:45:50 ----A---- C:\Windows\system32\wow64cpu.dll
2015-04-18 13:45:42 ----A---- C:\Windows\system32\msctf.dll
2015-04-18 13:45:41 ----A---- C:\Windows\SYSWOW64\msctf.dll
2015-04-18 13:45:40 ----A---- C:\Windows\system32\workerdd.dll
2015-04-18 13:45:40 ----A---- C:\Windows\system32\lsm.dll
2015-04-18 13:45:39 ----A---- C:\Windows\SYSWOW64\pku2u.dll
2015-04-18 13:45:39 ----A---- C:\Windows\system32\pku2u.dll
2015-04-18 13:45:35 ----A---- C:\Windows\system32\mshtml.dll
2015-04-18 13:45:34 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-04-18 13:45:32 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-04-18 13:45:32 ----A---- C:\Windows\system32\jscript9.dll
2015-04-18 13:45:31 ----A---- C:\Windows\system32\ieframe.dll
2015-04-18 13:45:30 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-04-18 13:45:30 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-04-18 13:45:29 ----A---- C:\Windows\system32\wininet.dll
2015-04-18 13:45:29 ----A---- C:\Windows\system32\iertutil.dll
2015-04-18 13:45:29 ----A---- C:\Windows\system32\ie4uinit.exe
2015-04-18 13:45:28 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-04-18 13:45:27 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2015-04-18 13:45:27 ----A---- C:\Windows\system32\urlmon.dll
2015-04-18 13:45:27 ----A---- C:\Windows\system32\mshtmled.dll
2015-04-18 13:45:27 ----A---- C:\Windows\system32\inetcomm.dll
2015-04-18 13:45:26 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-04-18 13:45:26 ----A---- C:\Windows\system32\msfeeds.dll
2015-04-18 13:45:12 ----A---- C:\Windows\system32\jscript.dll
2015-04-18 13:44:59 ----A---- C:\Windows\system32\vbscript.dll
2015-04-18 13:44:43 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-04-18 13:44:36 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-04-18 13:44:34 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-04-18 13:44:34 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-04-18 13:44:34 ----A---- C:\Windows\system32\ieapfltr.dll
2015-04-18 13:44:29 ----A---- C:\Windows\system32\drivers\http.sys
2015-04-18 13:44:18 ----A---- C:\Windows\SYSWOW64\clfsw32.dll
2015-04-18 13:44:18 ----A---- C:\Windows\system32\drivers\clfs.sys
2015-04-18 13:44:18 ----A---- C:\Windows\system32\clfsw32.dll
2015-04-18 13:44:16 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-04-18 13:44:16 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-04-18 13:44:16 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-04-18 13:44:16 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-04-18 13:44:16 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-04-18 13:44:16 ----A---- C:\Windows\system32\wuwebv.dll
2015-04-18 13:44:16 ----A---- C:\Windows\system32\WUSettingsProvider.dll
2015-04-18 13:44:16 ----A---- C:\Windows\system32\wups2.dll
2015-04-18 13:44:16 ----A---- C:\Windows\system32\wups.dll
2015-04-18 13:44:16 ----A---- C:\Windows\system32\wudriver.dll
2015-04-18 13:44:16 ----A---- C:\Windows\system32\wuauclt.exe
2015-04-18 13:44:16 ----A---- C:\Windows\system32\wuapp.exe
2015-04-18 13:44:16 ----A---- C:\Windows\system32\wuapi.dll
2015-04-18 13:44:16 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-04-18 13:44:15 ----A---- C:\Windows\system32\wucltux.dll
2015-04-18 13:44:15 ----A---- C:\Windows\system32\wuaueng.dll
2015-04-18 13:44:15 ----A---- C:\Windows\system32\wuaext.dll
2015-04-18 13:44:15 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-04-18 13:44:15 ----A---- C:\Windows\system32\storewuauth.dll
2015-04-18 13:44:01 ----A---- C:\Windows\system32\invagent.dll
2015-04-18 13:44:01 ----A---- C:\Windows\system32\generaltel.dll
2015-04-18 13:44:01 ----A---- C:\Windows\system32\devinv.dll
2015-04-18 13:44:01 ----A---- C:\Windows\system32\appraiser.dll
2015-04-18 13:44:01 ----A---- C:\Windows\system32\aepic.dll
2015-04-18 13:44:01 ----A---- C:\Windows\system32\aepdu.dll
2015-04-18 13:44:01 ----A---- C:\Windows\system32\aeinv.dll
2015-04-18 13:44:01 ----A---- C:\Windows\system32\acmigration.dll
2015-04-18 13:28:12 ----D---- C:\Users\Adrian\AppData\Roaming\AdobeUM
2015-04-18 13:09:03 ----D---- C:\ProgramData\Microsoft Help
2015-04-13 21:10:43 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-04-13 20:02:34 ----D---- C:\Program Files\Google
2015-04-13 20:02:17 ----D---- C:\ProgramData\Google
2015-04-13 20:01:53 ----D---- C:\Program Files (x86)\Google

======List of files/folders modified in the last 1 month======

2015-04-27 20:27:49 ----D---- C:\Program Files\trend micro
2015-04-27 20:25:16 ----D---- C:\Windows\Prefetch
2015-04-27 20:23:52 ----RAD---- C:\Windows\System32
2015-04-27 20:22:17 ----D---- C:\Windows\Temp
2015-04-27 20:19:39 ----D---- C:\Windows\Microsoft.NET
2015-04-27 20:18:09 ----D---- C:\Windows\system32\config
2015-04-27 20:17:08 ----SHD---- C:\Windows\Installer
2015-04-27 20:16:50 ----RSD---- C:\Windows\assembly
2015-04-27 20:15:00 ----SD---- C:\ProgramData\Microsoft
2015-04-27 20:15:00 ----RD---- C:\Program Files (x86)
2015-04-27 20:15:00 ----RD---- C:\Program Files
2015-04-27 20:15:00 ----D---- C:\Program Files\Common Files\microsoft shared
2015-04-27 20:15:00 ----D---- C:\Program Files (x86)\Microsoft.NET
2015-04-27 20:15:00 ----AD---- C:\Windows
2015-04-27 20:13:42 ----RSD---- C:\Windows\Fonts
2015-04-27 20:13:10 ----D---- C:\Program Files (x86)\Microsoft Office
2015-04-27 20:13:08 ----D---- C:\Windows\ShellNew
2015-04-27 20:13:06 ----D---- C:\Program Files (x86)\MSBuild
2015-04-27 20:13:01 ----D---- C:\Program Files\Common Files
2015-04-27 20:11:30 ----D---- C:\Program Files\Common Files\System
2015-04-27 20:11:29 ----A---- C:\Windows\win.ini
2015-04-27 20:09:30 ----D---- C:\Windows\system32\sru
2015-04-27 20:08:37 ----SHD---- C:\System Volume Information
2015-04-27 20:07:04 ----D---- C:\Users\Adrian\AppData\Roaming\ClassicShell
2015-04-27 19:42:05 ----D---- C:\Windows\AppCompat
2015-04-27 19:35:35 ----D---- C:\Windows\AppReadiness
2015-04-19 14:05:58 ----D---- C:\Windows\Inf
2015-04-19 14:05:58 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-04-19 13:59:52 ----D---- C:\Windows\Logs
2015-04-19 13:59:48 ----D---- C:\Windows\WinSxS
2015-04-19 13:59:25 ----D---- C:\Windows\Tasks
2015-04-19 13:59:25 ----D---- C:\Windows\system32\Tasks
2015-04-19 13:59:19 ----D---- C:\Windows\SysWOW64
2015-04-19 13:57:06 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-19 07:55:05 ----D---- C:\Windows\system32\catroot
2015-04-19 07:53:14 ----D---- C:\Windows\system32\wbem
2015-04-19 07:53:14 ----D---- C:\Windows\apppatch
2015-04-19 07:53:13 ----D---- C:\Windows\system32\en-US
2015-04-19 07:53:13 ----D---- C:\Windows\system32\cs-CZ
2015-04-19 07:53:11 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-04-19 07:53:11 ----D---- C:\Program Files\Internet Explorer
2015-04-19 07:53:09 ----D---- C:\Windows\system32\drivers
2015-04-19 07:41:41 ----D---- C:\ProgramData\NVIDIA
2015-04-19 07:40:04 ----D---- C:\Windows\system32\DriverStore
2015-04-19 06:55:07 ----D---- C:\Users\Adrian\AppData\Roaming\uTorrent
2015-04-19 02:46:04 ----HD---- C:\Program Files\WindowsApps
2015-04-19 02:45:16 ----D---- C:\Windows\system32\MRT
2015-04-19 02:33:29 ----A---- C:\Windows\system32\MRT.exe
2015-04-19 02:33:20 ----D---- C:\Windows\CbsTemp
2015-04-18 22:31:15 ----SHD---- C:\$RECYCLE.BIN
2015-04-18 20:34:39 ----SD---- C:\Users\Adrian\AppData\Roaming\Microsoft
2015-04-18 19:26:42 ----AHD---- C:\ProgramData
2015-04-18 19:24:31 ----D---- C:\Windows\system32\catroot2
2015-04-18 14:08:16 ----D---- C:\Windows\debug
2015-04-09 02:58:18 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2015-04-09 02:58:18 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2015-04-09 02:58:18 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2015-04-09 02:58:18 ----A---- C:\Windows\system32\nvumdshimx.dll
2015-04-09 02:58:18 ----A---- C:\Windows\system32\nvinitx.dll
2015-04-09 02:58:18 ----A---- C:\Windows\system32\nvapi64.dll
2015-04-08 23:30:18 ----A---- C:\Windows\system32\nvsvc64.dll
2015-04-08 23:30:18 ----A---- C:\Windows\system32\nvcpl.dll
2015-04-08 23:30:14 ----A---- C:\Windows\system32\nvvsvc.exe
2015-04-08 23:30:14 ----A---- C:\Windows\system32\nvsvcr.dll
2015-04-08 23:30:14 ----A---- C:\Windows\system32\nvshext.dll
2015-04-08 23:30:14 ----A---- C:\Windows\system32\nv3dappshextr.dll
2015-04-08 23:30:14 ----A---- C:\Windows\system32\nv3dappshext.dll
2015-04-08 23:30:13 ----A---- C:\Windows\system32\nvmctray.dll
2015-03-28 05:44:01 ----A---- C:\Windows\SYSWOW64\nvspcap.dll
2015-03-28 05:44:01 ----A---- C:\Windows\SYSWOW64\nvspbridge.dll
2015-03-28 05:43:39 ----A---- C:\Windows\system32\nvspcap64.dll
2015-03-28 05:43:39 ----A---- C:\Windows\system32\nvspbridge64.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-01-02 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-01-02 267632]
R0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys [2013-08-07 644968]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2015-04-09 31376]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2015-01-12 386680]
R0 tos_sps64;@oem21.inf,%SERVICE_DESC_amd64%;TOSHIBA tos_sps64 Service; C:\Windows\System32\drivers\tos_sps64.sys [2012-06-18 499096]
R0 TVALZ;@oem17.inf,%TVALZ.SvcDesc%;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\System32\drivers\TVALZ_O.SYS [2013-08-15 32832]
R0 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver; C:\Windows\System32\Drivers\TVALZFL.sys [2012-07-22 16768]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-01-02 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-01-02 1050432]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-01-02 436624]
R1 dtsoftbus01;@oem32.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\Windows\System32\drivers\dtsoftbus01.sys [2015-01-12 283064]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-01-02 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-01-02 83280]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-01-02 116728]
R2 PEGAGFN;PEGAGFN; \??\C:\Program Files (x86)\TOSHIBA\PasswordUtility\PEGAGFN.sys [2009-09-11 14344]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-01-02 271752]
R3 AmUStor;@oem20.inf,%AmUStor.SvcDesc%;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2013-06-25 109336]
R3 athr;@oem18.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athwbx.sys [2013-08-16 3859968]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2013-10-01 594632]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\Windows\System32\drivers\BthEnum.sys [2014-10-29 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\System32\drivers\BthLEEnum.sys [2013-12-04 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2014-07-24 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2013-09-16 4177920]
R3 IntcDAud;@oem3.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2013-09-16 449528]
R3 iwdbus;@oem6.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2013-08-23 26008]
R3 L1C;@oem13.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C63x64.sys [2013-07-18 130248]
R3 MEIx64;@oem2.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2013-09-04 99288]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2015-04-09 10423952]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-03-28 19600]
R3 nvvad_WaveExtensible;@oem30.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-11-22 38032]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2013-08-22 34544]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10301; C:\Windows\system32\DRIVERS\stwrt64.sys [2013-08-16 551936]
R3 SynTP;@oem23.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2014-08-06 528112]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2012-07-25 31184]
R3 Thotkey;@oem14.inf,%Thotkey%;Toshiba Hotkey Driver; C:\Windows\System32\drivers\Thotkey.sys [2013-08-19 32624]
R3 tosrfec;@oem22.inf,%busenum.SVCDESC%;Bluetooth ACPI; C:\Windows\System32\drivers\tosrfec.sys [2013-11-01 27032]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-08-22 212224]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2014-10-29 1198080]
S3 dtscsidrv;dtscsidrv; C:\Windows\system32\drivers\dtscsidrv.sys [2015-01-12 309248]
S3 intaud_WaveExtensible;@oem5.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2013-08-23 39320]
S3 nmwcd;@oem36.inf,%MFG% %SVC%;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 nmwcdc;@oem40.inf,%MFG% %SVC%;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 RTWlanE;@netrtwlane.inf,%RTWlanE.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\Windows\system32\DRIVERS\rtwlane.sys [2013-07-31 1936088]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2011-08-17 9216]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-22 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-08-17 9216]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2013-10-01 312448]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-01-02 50344]
R2 dts_apo_service;DTS APO Service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [2013-09-10 19792]
R2 Fabs;FABS - Helping agent for MAGIX media database; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2012-01-23 1858048]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-03-28 1152144]
R2 GFNEXSrv;GFNEX Service; C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe [2013-03-27 163168]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-05-12 733696]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-09-04 131544]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-04 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-09-04 390616]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-03-28 1878672]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-03-28 22995600]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-04-08 936264]
R2 ssinstall;SInstalátor; C:\Windows\SysWOW64\ssins.exe [2015-01-08 2324216]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe [2013-08-16 339456]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2009-07-28 140632]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\Teco\TecoService.exe [2013-08-10 328544]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-01-02 4012248]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
R3 TPCHSrv;TPCH Service; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2013-09-04 466504]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-13 116648]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2013-09-20 279024]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2011-04-26 2702848]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-22 43696]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-13 116648]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2015-04-13 194032]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-05-12 822232]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-04-13 148080]
S3 TemproMonitoringService;TEMPRO Service; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2013-07-19 116088]
S3 TMachInfo;TMachInfo; C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2013-07-31 53864]

-----------------EOF-----------------

Roli
VIP
Posts: 13400
Joined: 26 Nov 2006 13:37
Location: Czech Republic

Re: request for a preventive check

#6 Post by Roli »

Press the Windows + R keys and, in the Run window, type services.msc and press Enter. Find these services:

Google Update Service (gupdate)
Google Update Service (gupdatem)
Google Software Updater (gusvc)


Double-clicking opens the properties dialog, where you first stop the service with the Stop button, then under Startup type select Disabled and click OK.


Download and run OTMoveIt

Into the left pane of the application, under Paste Instructions for Items to be Moved, copy this text:

Code:

:processes
explorer.exe       

:files
C:\Windows\tasks\AutoKMS.job
C:\Windows\AutoKMS.exe 
C:\Windows\tasks\AutoKMSDaily.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\AutoKMS.ini
C:\Windows\KMSEmulator.exe

:commands
[purity]
[emptytemp]
[start explorer]

Click MoveIt! and information about the performed action will appear in the right green pane of the application; copy the contents of that pane here.

If the application requests a restart, click YES;

in that case copy here the contents of the log saved in C:\_OTMoveIt\MovedFiles\
| Rsit | Mbam | AVPTool | Cure It |

I rest on weekends :all_coholic:
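
The three services named in the post above appear in the RSIT service list earlier in the thread. As an added example (not part of the original post and not RSIT's own code), a parser for that line format that decodes the state/start-type code from the section legend and looks those entries up; the function names are hypothetical and the sample lines are copied from the log on this page.

```python
import re
from typing import NamedTuple, Optional

# Legend from the RSIT section headers on this page.
STATE = {"R": "Running", "S": "Stopped"}
START = {"0": "Boot", "1": "System", "2": "Auto", "3": "Demand", "4": "Disabled"}

class Entry(NamedTuple):
    state: str
    start: str
    name: str      # service/driver key name
    display: str   # display name; may itself contain ';'
    path: str
    date: str
    size: int

# <state><start> <name>;<display>; <path> [<date> <size>]
LINE = re.compile(
    r"^(?P<state>[RS])(?P<start>[0-4]) (?P<name>[^;]+);(?P<display>.*); "
    r"(?P<path>.+?) \[(?P<date>\d{4}-\d{2}-\d{2}) (?P<size>\d+)\]$"
)

def parse_line(line: str) -> Optional[Entry]:
    m = LINE.match(line.strip())
    if m is None:
        return None  # section headers, blank lines, EOF marker
    path = m["path"]
    if path.startswith("\\??\\"):  # NT object-namespace prefix seen on some driver paths
        path = path[4:]
    return Entry(STATE[m["state"]], START[m["start"]], m["name"],
                 m["display"].strip(), path, m["date"], int(m["size"]))

def parse_log(text: str) -> list:
    return [e for e in map(parse_line, text.splitlines()) if e is not None]

def lookup(entries, names) -> dict:
    """Map each requested key name to 'State/Start type'."""
    wanted = {n.lower() for n in names}
    return {e.name: f"{e.state}/{e.start}" for e in entries if e.name.lower() in wanted}

# Sample: lines copied from the driver and service lists on this page.
SAMPLE = r"""
R2 PEGAGFN;PEGAGFN; \??\C:\Program Files (x86)\TOSHIBA\PasswordUtility\PEGAGFN.sys [2009-09-11 14344]
R3 MEIx64;@oem2.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2013-09-04 99288]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-13 116648]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-13 116648]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2015-04-13 194032]
-----------------EOF-----------------
"""

if __name__ == "__main__":
    for name, status in lookup(parse_log(SAMPLE), ["gupdate", "gupdatem", "gusvc"]).items():
        print(name, status)
```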

abdul99
Visitor
Posts: 277
Joined: 17 Oct 2011 20:49

Re: request for a preventive check

#7 Post by abdul99 »

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
C:\Windows\tasks\AutoKMS.job moved successfully.
C:\Windows\AutoKMS.exe moved successfully.
C:\Windows\tasks\AutoKMSDaily.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\AutoKMS.ini moved successfully.
C:\Windows\KMSEmulator.exe moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Adrian
->Temp folder emptied: 775676142 bytes
->Temporary Internet Files folder emptied: 83820161 bytes
->FireFox cache emptied: 366456365 bytes
->Google Chrome cache emptied: 8027282 bytes
->Flash cache emptied: 1529 bytes

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2118137 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 1 179,00 mb


OTM by OldTimer - Version 3.1.21.0 log created on 04282015_193206

Files moved on Reboot...
C:\Users\Adrian\AppData\Local\Microsoft\Windows\INetCache\counters.dat moved successfully.
File move failed. C:\Windows\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Roli
VIP
Posts: 13400
Joined: 26 Nov 2006 13:37
Location: Czech Republic

Re: request for a preventive check

#8 Post by Roli »

Run OTMoveIt again and click CleanUP! at the top of the application;

this makes it clean up after itself.


Download AdwCleaner and save it to the desktop,

close all programs including the browser and double-click it to run it;

a window appears, where you click Scan in the upper left.

When the scan finishes, click Clean;

the PC will restart, during which the junk is deleted.

After that, copy the Report here for me.

abdul99
Visitor
Posts: 277
Joined: 17 Oct 2011 20:49

Re: request for a preventive check

#9 Post by abdul99 »

# AdwCleaner v4.202 - Log vytvořen 28/04/2015 v 22:41:45
# Aktualizováno 23/04/2015 by Xplode
# Databáze : 2015-04-27.1 [Server]
# Operační system : Windows 8.1 (x64)
# Uživatelské jméno : Adrian - OCHMANEK
# Spuštěno z : C:\Users\Adrian\Desktop\adwcleaner_4.202.exe
# Nastavení : Čištění

***** [ Služby ] *****


***** [ Soubory / Složky ] *****

Složka Smazáno : C:\ProgramData\baidu
Složka Smazáno : C:\ProgramData\{ed246866-b7f3-4517-ed24-46866b7fa19a}

***** [ Naplánované úlohy ] *****


***** [ Zástupci ] *****


***** [ Registry ] *****

Klíč Smazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Klíč Smazáno : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Klíč Smazáno : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Klíč Smazáno : HKLM\SOFTWARE\simplitec
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\499E8534DA7E759419D2048CB780D3D5
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5DCE3C04E576AD15F972B67D0725120C
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\62255E52F19EC97429A42D59D49024FA
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\930D9472A978D7A4EB16BF4DECB173B7
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AEB93799E8B47D14CA356E4343D632A4
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BAE7C2A75DF08824E9CEFDE20F655BD9

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Mozilla Firefox v37.0.2 (x86 cs)


-\\ Google Chrome v42.0.2311.90

[C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Extension] : eofcbnmajmjmplflapaojjnihcjkigck

-\\ Comodo Dragon v


*************************

AdwCleaner[R0].txt - [2176 bytů] - [28/04/2015 22:39:20]
AdwCleaner[S0].txt - [2064 bytů] - [28/04/2015 22:41:45]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2122 bytů] ##########

Roli
VIP
Posts: 13400
Joined: 26 Nov 2006 13:37
Location: Czech Republic

Re: request for a preventive check

#10 Post by Roli »

Great, it's cleaned up. How is the PC behaving?

abdul99
Visitor
Posts: 277
Joined: 17 Oct 2011 20:49

Re: request for a preventive check

#11 Post by abdul99 »

The laptop seems to have come back to life. It responds considerably faster to my commands and doesn't stutter as much.

Roli
VIP
Posts: 13400
Joined: 26 Nov 2006 13:37
Location: Czech Republic

Re: request for a preventive check

#12 Post by Roli »

abdul99 wrote: The laptop seems to have come back to life. It responds considerably faster to my commands and doesn't stutter as much.
Great. In that case, if there is no other problem, that is all from my side.

abdul99
Visitor
Posts: 277
Joined: 17 Oct 2011 20:49

Re: request for a preventive check

#13 Post by abdul99 »

Thanks a lot! It just occurred to me, since you ask for that RSIT listing: do you really read all of it, or do you always look only for something specific?
Last edited by abdul99 on 01 May 2015 21:56, edited 1 time in total.

Roli
VIP
Posts: 13400
Joined: 26 Nov 2006 13:37
Location: Czech Republic

Re: request for a preventive check

#14 Post by Roli »

abdul99 wrote: It just occurred to me, since you ask for that RSIT listing: do you really read all of it, or do you always look only for something specific?
I read all of it and see what doesn't belong there.
abdul99 wrote: Thanks a lot!
You're welcome, and :closed:

Locked