
PC virus removal, computer speed-up, remote help through the neslape.cz service
Log check
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.
!NEW!
You can now use remote help services, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Please do a preventive check of this log:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Pavel at 2014-10-25 14:04:55
Microsoft Windows 8.1 Pro
System drive C: has 28 GB (28%) free of 100 GB
Total RAM: 8078 MB (81% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:05:02, on 25. 10. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Evernote\Evernote\Evernote.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Pavel.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - Startup: EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
O4 - Startup: EvernoteTray.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\Microsoft Office\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Nová poznámka - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\Microsoft Office\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
--
End of file - 9617 bytes
======Listing Processes======
wininit.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Windows\system32\nvvsvc.exe"
"dwm.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
dashost.exe {6291e4da-badb-45ff-8cf38e9ab1a75f92}
taskhostex.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss b7117199-a717-4e90-be4d-04b8c87d4b85 1
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe 0x4
\??\C:\Windows\system32\conhost.exe 0x4
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\skydrive.exe -Embedding
"C:\Windows\system32\igfxsrvc.exe" -Embedding
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe"
"C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\Evernote\Evernote\Evernote.exe" /Hide
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe6_ Global\UsGthrCtrlFltPipeMssGthrPipe6 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 564 568 576 65536 572
"C:\Users\Pavel\Desktop\RSITx64.exe"
"C:\Program Files\AVAST Software\Avast\setup\instup.exe" /instop:update_vps
======Scheduled tasks folder======
C:\Windows\tasks\26e2b005-82c0-4611-a28f-b1fe927fd816-11.job - C:\Program Files (x86)\Sense\26e2b005-82c0-4611-a28f-b1fe927fd816-11.exe /rawdata=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
C:\Windows\tasks\26e2b005-82c0-4611-a28f-b1fe927fd816-3.job - C:\Program Files (x86)\Sense\26e2b005-82c0-4611-a28f-b1fe927fd816-3.exe /rawdata=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
C:\Windows\tasks\26e2b005-82c0-4611-a28f-b1fe927fd816-4.job - C:\Program Files (x86)\Sense\26e2b005-82c0-4611-a28f-b1fe927fd816-4.exe /rawdata=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
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\EYSKI.job - C:\Users\Pavel\AppData\Roaming\EYSKI.exe /infocmdline=nHxWQYedwrZBagOg0SVFb0gI9tQDfIfBRqk0MStxPYdM4ywK17sj45oS7nbYQqWI2DOqr+XIJ6Xs0O3aumdODrtjVTunZwB5zVJRTKbVqvKY7ACawvtKfjGoNn+oD+w4c6+mf6MqJT+yfBV9FaZAbRzxkR5LRVROU8zejppGrlyUo87PzqN36PmFHS96IvpQnW6gdcC/hhsyTNokQv7LVHLACEATOK0Yh6gNVgrMEfSNCvz2db59nlZhZRyFtsHjrE3w/yj1qcSJAjxv6BpmfR/UNf8HWGx+xEKFg9//K/LAOhH1LDfBpgCHKWvRTYYFX2G9z1rzvKU7mhOrcgPtq6rzptfW2B+1UytNpgvrcGqnG5fRpHJoinyeEa8VgMy4JzHhc67DF/UJHHMU14p6zKuWIqGke1hYfjy8g1HmEU7AFL6S3a8L7VzrPmhGRHeLouOA2Hq5tPhmBdI+HwrC0FWXQAgGZeiFbhFE205ZAbFzYrSQtqkttWIWs53XJdVp
C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /c
C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\MSMFS.job - C:\Users\Pavel\AppData\Roaming\MSMFS.exe /infocmdline=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
C:\Windows\tasks\OTWLPAX.job - C:\Users\Pavel\AppData\Roaming\OTWLPAX.exe /infocmdline=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
C:\Windows\tasks\PGBUATNB.job - C:\Users\Pavel\AppData\Roaming\PGBUATNB.exe /infocmdline=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
=========Mozilla firefox=========
ProfilePath - C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\7cqei6d7.default
prefs.js - "browser.startup.homepage" - "www.google.com"
prefs.js - "keyword.URL" - "https://www.google.com/search"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.152 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.5.1]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.67.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\Microsoft Office\Office15\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10]
"Description"=globalUpdate Update
"Path"=C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4]
"Description"=globalUpdate Update
"Path"=C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.152 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/npbattlelog,version=2.5.1]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\Microsoft Office\Office15\NPSPWRAP.DLL
C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\7cqei6d7.default\searchplugins\
Google.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-09-25 218784]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-07-05 612248]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}]
Shopper Pro - C:\ProgramData\ShopperPro\ShopperPro64.dll [2014-10-24 501096]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\Microsoft Office\Office15\GROOVEEX.DLL [2014-09-16 2334416]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-10-01 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-07-05 457712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}]
Evernote extension - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-08-26 626528]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-10-01 171944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2013-10-01 391128]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2013-10-01 771032]
"Persistence"=C:\Windows\system32\igfxpers.exe [2013-10-01 769496]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-10-04 2463552]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2014-10-04 2800296]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-07-30 4085896]
"PWRISOVM.EXE"=C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [2013-10-23 337432]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-07-25 256896]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-10-15 157480]
C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
EvernoteClipper.lnk - C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
EvernoteTray.lnk - C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2013-10-01 623104]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.XFR1"=xfcodec64.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 3 months======
2014-10-25 14:04:55 ----D---- C:\rsit
2014-10-25 14:04:55 ----D---- C:\Program Files\trend micro
2014-10-25 13:35:46 ----A---- C:\Windows\SYSWOW64\wbhelp2.dll
2014-10-25 13:35:44 ----A---- C:\Windows\SYSWOW64\W95INF32.DLL
2014-10-25 13:35:44 ----A---- C:\Windows\SYSWOW64\W95INF16.DLL
2014-10-25 13:35:44 ----A---- C:\Windows\SYSWOW64\unicows.dll
2014-10-25 13:35:44 ----A---- C:\Windows\SYSWOW64\anim.dll
2014-10-25 13:35:41 ----D---- C:\Program Files (x86)\WinUtilities
2014-10-25 12:57:07 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2014-10-25 12:29:00 ----A---- C:\Windows\wininit.ini
2014-10-25 11:47:07 ----D---- C:\ProgramData\Spybot - Search & Destroy
2014-10-25 11:47:03 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-10-25 11:33:15 ----A---- C:\Windows\system32\drivers\stflt.sys
2014-10-25 10:52:17 ----A---- C:\Users\Pavel\AppData\Roaming\MSMFS.exe
2014-10-25 10:51:57 ----A---- C:\Users\Pavel\AppData\Roaming\PGBUATNB.exe
2014-10-25 10:51:46 ----D---- C:\Program Files (x86)\winrar 45.8.7
2014-10-25 10:51:22 ----D---- C:\ProgramData\ShopperPro
2014-10-25 10:50:16 ----A---- C:\Users\Pavel\AppData\Roaming\EYSKI.exe
2014-10-25 10:50:04 ----A---- C:\Users\Pavel\AppData\Roaming\OTWLPAX.exe
2014-10-25 10:50:00 ----D---- C:\Program Files (x86)\globalUpdate
2014-10-25 10:01:12 ----D---- C:\Program Files\Microsoft Silverlight
2014-10-25 10:01:12 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-10-25 09:46:30 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2014-10-25 09:46:30 ----A---- C:\Windows\SYSWOW64\untfs.dll
2014-10-25 09:46:30 ----A---- C:\Windows\SYSWOW64\twinui.dll
2014-10-25 09:46:30 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-10-25 09:46:30 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-10-25 09:46:30 ----A---- C:\Windows\SYSWOW64\puiobj.dll
2014-10-25 09:46:30 ----A---- C:\Windows\SYSWOW64\mfmp4srcsnk.dll
2014-10-25 09:46:30 ----A---- C:\Windows\SYSWOW64\MFMediaEngine.dll
2014-10-25 09:46:30 ----A---- C:\Windows\SYSWOW64\FXSAPI.dll
2014-10-25 09:46:30 ----A---- C:\Windows\SYSWOW64\certcli.dll
2014-10-25 09:46:30 ----A---- C:\Windows\system32\WsmSvc.dll
2014-10-25 09:46:30 ----A---- C:\Windows\system32\win32spl.dll
2014-10-25 09:46:30 ----A---- C:\Windows\system32\untfs.dll
2014-10-25 09:46:30 ----A---- C:\Windows\system32\twinui.dll
2014-10-25 09:46:30 ----A---- C:\Windows\system32\schannel.dll
2014-10-25 09:46:30 ----A---- C:\Windows\system32\shell32.dll
2014-10-25 09:46:30 ----A---- C:\Windows\system32\SettingsHandlers.dll
2014-10-25 09:46:30 ----A---- C:\Windows\system32\puiobj.dll
2014-10-25 09:46:30 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-10-25 09:46:30 ----A---- C:\Windows\system32\mfmp4srcsnk.dll
2014-10-25 09:46:30 ----A---- C:\Windows\system32\MFMediaEngine.dll
2014-10-25 09:46:30 ----A---- C:\Windows\system32\lsasrv.dll
2014-10-25 09:46:30 ----A---- C:\Windows\system32\localspl.dll
2014-10-25 09:46:30 ----A---- C:\Windows\system32\FXSCOMEX.dll
2014-10-25 09:46:30 ----A---- C:\Windows\system32\FXSAPI.dll
2014-10-25 09:46:30 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2014-10-25 09:46:30 ----A---- C:\Windows\system32\drivers\tcpip.sys
2014-10-25 09:46:30 ----A---- C:\Windows\system32\drivers\netio.sys
2014-10-25 09:46:30 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-10-25 09:46:30 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2014-10-25 09:46:30 ----A---- C:\Windows\system32\drivers\cng.sys
2014-10-25 09:46:30 ----A---- C:\Windows\system32\certcli.dll
2014-10-23 19:21:17 ----D---- C:\Windows\SYSWOW64\NV
2014-10-23 19:21:17 ----D---- C:\Windows\system32\NV
2014-10-23 19:21:04 ----A---- C:\Windows\system32\nvshext.dll
2014-10-23 19:21:04 ----A---- C:\Windows\system32\nv3dappshextr.dll
2014-10-23 19:19:32 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2014-10-23 19:19:32 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2014-10-23 19:19:32 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2014-10-23 19:19:32 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2014-10-23 19:19:32 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2014-10-23 19:19:32 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2014-10-23 19:19:32 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2014-10-23 19:19:32 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2014-10-23 19:19:32 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2014-10-23 19:19:32 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2014-10-23 19:19:32 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2014-10-23 19:19:32 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2014-10-23 19:19:32 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2014-10-23 19:19:32 ----A---- C:\Windows\system32\nvwgf2umx.dll
2014-10-23 19:19:32 ----A---- C:\Windows\system32\nvumdshimx.dll
2014-10-23 19:19:32 ----A---- C:\Windows\system32\nvopencl.dll
2014-10-23 19:19:32 ----A---- C:\Windows\system32\nvoglv64.dll
2014-10-23 19:19:32 ----A---- C:\Windows\system32\nvoglshim64.dll
2014-10-23 19:19:32 ----A---- C:\Windows\system32\nvinitx.dll
2014-10-23 19:19:32 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2014-10-23 19:19:32 ----A---- C:\Windows\system32\NvIFR64.dll
2014-10-23 19:19:32 ----A---- C:\Windows\system32\NvFBC64.dll
2014-10-23 19:19:32 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2014-10-23 19:19:32 ----A---- C:\Windows\system32\nvdispgenco6434448.dll
2014-10-23 19:19:32 ----A---- C:\Windows\system32\nvdispco6434448.dll
2014-10-23 19:19:32 ----A---- C:\Windows\system32\nvd3dumx.dll
2014-10-23 19:19:32 ----A---- C:\Windows\system32\nvcuvid.dll
2014-10-23 19:19:32 ----A---- C:\Windows\system32\nvcuda.dll
2014-10-23 19:19:32 ----A---- C:\Windows\system32\drivers\nvpciflt.sys
2014-10-23 19:19:32 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2014-10-23 19:19:31 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2014-10-23 19:19:31 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2014-10-23 19:19:31 ----A---- C:\Windows\system32\nvcompiler.dll
2014-10-23 19:19:31 ----A---- C:\Windows\system32\nvapi64.dll
2014-10-23 19:16:35 ----D---- C:\Program Files (x86)\Evernote
2014-10-20 16:08:01 ----D---- C:\Program Files\iPod
2014-10-20 16:07:59 ----D---- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-10-20 16:07:59 ----D---- C:\Program Files\iTunes
2014-10-20 16:07:59 ----D---- C:\Program Files (x86)\iTunes
2014-10-17 23:48:53 ----D---- C:\Users\Pavel\AppData\Roaming\Skype
2014-10-17 23:48:46 ----RD---- C:\Program Files (x86)\Skype
2014-10-17 23:48:34 ----D---- C:\ProgramData\Skype
2014-10-15 05:43:47 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-10-15 05:35:16 ----D---- C:\Program Files (x86)\Microsoft ASP.NET
2014-10-15 05:24:31 ----A---- C:\Windows\system32\win32k.sys
2014-10-15 05:23:59 ----A---- C:\Windows\SYSWOW64\MrmCoreR.dll
2014-10-15 05:23:59 ----A---- C:\Windows\system32\MrmCoreR.dll
2014-10-15 05:23:56 ----A---- C:\Windows\system32\winbici.dll
2014-10-15 05:23:44 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2014-10-15 05:23:44 ----A---- C:\Windows\system32\wuaueng.dll
2014-10-15 05:23:44 ----A---- C:\Windows\system32\wuapi.dll
2014-10-15 05:23:43 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2014-10-15 05:23:43 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2014-10-15 05:23:43 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2014-10-15 05:23:43 ----A---- C:\Windows\system32\wuwebv.dll
2014-10-15 05:23:43 ----A---- C:\Windows\system32\WUSettingsProvider.dll
2014-10-15 05:23:43 ----A---- C:\Windows\system32\wups2.dll
2014-10-15 05:23:43 ----A---- C:\Windows\system32\wups.dll
2014-10-15 05:23:43 ----A---- C:\Windows\system32\wudriver.dll
2014-10-15 05:23:43 ----A---- C:\Windows\system32\wucltux.dll
2014-10-15 05:23:43 ----A---- C:\Windows\system32\wuauclt.exe
2014-10-15 05:23:43 ----A---- C:\Windows\system32\wuapp.exe
2014-10-15 05:23:01 ----A---- C:\Windows\system32\mshtml.dll
2014-10-15 05:23:00 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-10-15 05:22:55 ----A---- C:\Windows\system32\jscript9.dll
2014-10-15 05:22:54 ----A---- C:\Windows\system32\ieframe.dll
2014-10-15 05:22:53 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-10-15 05:22:52 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-10-15 05:22:52 ----A---- C:\Windows\system32\iertutil.dll
2014-10-15 05:22:51 ----A---- C:\Windows\system32\wininet.dll
2014-10-15 05:22:50 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-10-15 05:22:50 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-10-15 05:22:49 ----A---- C:\Windows\system32\urlmon.dll
2014-10-15 05:22:48 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-10-15 05:22:48 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-10-15 05:22:48 ----A---- C:\Windows\system32\msfeeds.dll
2014-10-15 05:22:47 ----A---- C:\Windows\system32\iedkcs32.dll
2014-10-15 05:22:46 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-10-15 05:22:46 ----A---- C:\Windows\system32\ie4uinit.exe
2014-10-15 05:22:45 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-10-15 05:22:45 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-10-15 05:22:45 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-10-15 05:22:45 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-10-15 05:22:45 ----A---- C:\Windows\system32\vbscript.dll
2014-10-15 05:22:45 ----A---- C:\Windows\system32\mshtmled.dll
2014-10-15 05:22:45 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-10-15 05:22:45 ----A---- C:\Windows\system32\jscript9diag.dll
2014-10-15 05:22:45 ----A---- C:\Windows\system32\ieapfltr.dll
2014-10-15 05:22:45 ----A---- C:\Windows\system32\dxtrans.dll
2014-10-15 05:22:44 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-10-15 05:22:37 ----A---- C:\Windows\SYSWOW64\rastls.dll
2014-10-15 05:22:37 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-10-15 05:22:37 ----A---- C:\Windows\system32\rastls.dll
2014-10-15 05:22:37 ----A---- C:\Windows\system32\packager.dll
2014-10-15 05:22:36 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-10-15 05:22:36 ----A---- C:\Windows\SYSWOW64\authui.dll
2014-10-15 05:22:36 ----A---- C:\Windows\system32\msi.dll
2014-10-15 05:22:36 ----A---- C:\Windows\system32\authui.dll
2014-10-15 05:22:36 ----A---- C:\Windows\system32\appinfo.dll
2014-10-07 20:50:23 ----A---- C:\Windows\system32\nvspcap64.dll
2014-10-07 20:50:22 ----A---- C:\Windows\SYSWOW64\nvspcap.dll
2014-10-07 16:24:33 ----D---- C:\Windows\SYSWOW64\directx
2014-10-03 16:04:24 ----D---- C:\Program Files\Microsoft.NET
2014-10-02 15:42:22 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2014-10-02 15:34:28 ----D---- C:\Program Files\Common Files\DESIGNER
2014-10-02 15:33:39 ----D---- C:\Program Files (x86)\Microsoft SQL Server
2014-10-02 15:31:46 ----D---- C:\Windows\PCHEALTH
2014-10-02 15:31:46 ----D---- C:\Program Files\Microsoft SQL Server
2014-10-02 15:29:08 ----D---- C:\Program Files\Microsoft Analysis Services
2014-10-02 15:29:07 ----D---- C:\Program Files (x86)\Microsoft Analysis Services
2014-10-02 15:28:48 ----D---- C:\Program Files (x86)\Microsoft Office
2014-10-02 15:28:21 ----D---- C:\Program Files\Microsoft Office
2014-10-02 15:28:02 ----RHD---- C:\MSOCache
2014-10-01 20:57:44 ----D---- C:\Users\Pavel\AppData\Roaming\Steam
2014-10-01 08:06:53 ----A---- C:\Windows\SYSWOW64\javaws.exe
2014-10-01 08:06:45 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-10-01 08:06:45 ----A---- C:\Windows\SYSWOW64\javaw.exe
2014-10-01 08:06:45 ----A---- C:\Windows\SYSWOW64\java.exe
2014-10-01 08:06:38 ----D---- C:\Program Files (x86)\Java
2014-09-26 19:17:33 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2014-09-25 08:52:17 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-09-21 00:11:56 ----D---- C:\Program Files (x86)\EPUB File Reader
2014-09-20 19:09:07 ----D---- C:\Users\Pavel\AppData\Roaming\Xfire
2014-09-20 19:09:00 ----D---- C:\ProgramData\Xfire
2014-09-20 19:08:58 ----D---- C:\Program Files (x86)\Xfire
2014-09-19 16:00:32 ----D---- C:\Program Files (x86)\AGEIA Technologies
2014-09-19 15:58:05 ----A---- C:\Windows\system32\nvdispgenco6434411.dll
2014-09-19 15:58:05 ----A---- C:\Windows\system32\nvdispco6434411.dll
2014-09-19 14:51:56 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2014-09-19 14:51:56 ----A---- C:\Windows\system32\nvaudcap64v.dll
2014-09-19 14:51:56 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2014-09-16 17:53:01 ----D---- C:\Program Files (x86)\Steam
2014-09-15 08:19:26 ----A---- C:\Windows\system32\WSDMon.dll
2014-09-15 08:19:25 ----A---- C:\Windows\system32\tcpmon.dll
2014-09-15 08:19:24 ----A---- C:\Windows\SYSWOW64\explorer.exe
2014-09-15 08:19:24 ----A---- C:\Windows\system32\uDWM.dll
2014-09-15 08:19:24 ----A---- C:\Windows\explorer.exe
2014-09-15 08:19:21 ----A---- C:\Windows\SYSWOW64\UXInit.dll
2014-09-15 08:19:21 ----A---- C:\Windows\SYSWOW64\actxprxy.dll
2014-09-15 08:19:21 ----A---- C:\Windows\system32\UXInit.dll
2014-09-15 08:19:21 ----A---- C:\Windows\system32\actxprxy.dll
2014-09-15 08:19:08 ----A---- C:\Windows\system32\Windows.UI.Xaml.dll
2014-09-15 08:19:04 ----A---- C:\Windows\SYSWOW64\Windows.UI.Xaml.dll
2014-09-15 08:19:01 ----A---- C:\Windows\system32\d3d10warp.dll
2014-09-15 08:18:57 ----A---- C:\Windows\system32\mfcore.dll
2014-09-15 08:18:56 ----A---- C:\Windows\SYSWOW64\mfcore.dll
2014-09-15 08:18:56 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2014-09-15 08:18:55 ----A---- C:\Windows\system32\wlansvc.dll
2014-09-15 08:18:55 ----A---- C:\Windows\system32\gpsvc.dll
2014-09-15 08:18:54 ----A---- C:\Windows\system32\workfolderssvc.dll
2014-09-15 08:18:54 ----A---- C:\Windows\system32\Windows.Media.dll
2014-09-15 08:18:52 ----A---- C:\Windows\SYSWOW64\Windows.Media.dll
2014-09-15 08:18:51 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2014-09-15 08:18:51 ----A---- C:\Windows\system32\WMVDECOD.DLL
2014-09-15 08:18:51 ----A---- C:\Windows\system32\drivers\srv.sys
2014-09-15 08:18:50 ----A---- C:\Windows\system32\SRH.dll
2014-09-15 08:18:50 ----A---- C:\Windows\system32\printui.dll
2014-09-15 08:18:50 ----A---- C:\Windows\system32\mfplat.dll
2014-09-15 08:18:50 ----A---- C:\Windows\system32\drivers\ntfs.sys
2014-09-15 08:18:49 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2014-09-15 08:18:49 ----A---- C:\Windows\system32\drivers\srv2.sys
2014-09-15 08:18:48 ----A---- C:\Windows\system32\XpsPrint.dll
2014-09-15 08:18:48 ----A---- C:\Windows\system32\netcfgx.dll
2014-09-15 08:18:48 ----A---- C:\Windows\system32\mispace.dll
2014-09-15 08:18:47 ----A---- C:\Windows\SYSWOW64\netcfgx.dll
2014-09-15 08:18:47 ----A---- C:\Windows\SYSWOW64\mispace.dll
2014-09-15 08:18:47 ----A---- C:\Windows\system32\WorkfoldersControl.dll
2014-09-15 08:18:47 ----A---- C:\Windows\system32\AppxPackaging.dll
2014-09-15 08:18:46 ----AC---- C:\Windows\system32\drivers\spaceport.sys
2014-09-15 08:18:46 ----A---- C:\Windows\SYSWOW64\SRH.dll
2014-09-15 08:18:46 ----A---- C:\Windows\SYSWOW64\printui.dll
2014-09-15 08:18:46 ----A---- C:\Windows\system32\wlanmsm.dll
2014-09-15 08:18:46 ----A---- C:\Windows\system32\srvsvc.dll
2014-09-15 08:18:46 ----A---- C:\Windows\system32\aclui.dll
2014-09-15 08:18:45 ----A---- C:\Windows\SYSWOW64\aclui.dll
2014-09-15 08:18:45 ----A---- C:\Windows\system32\spoolsv.exe
2014-09-15 08:18:45 ----A---- C:\Windows\system32\mfreadwrite.dll
2014-09-15 08:18:44 ----AC---- C:\Windows\system32\drivers\volsnap.sys
2014-09-15 08:18:44 ----AC---- C:\Windows\system32\drivers\usbccgp.sys
2014-09-15 08:18:44 ----A---- C:\Windows\SYSWOW64\wlanmsm.dll
2014-09-15 08:18:44 ----A---- C:\Windows\SYSWOW64\mfreadwrite.dll
2014-09-15 08:18:44 ----A---- C:\Windows\SYSWOW64\AppxPackaging.dll
2014-09-15 08:18:44 ----A---- C:\Windows\system32\SHCore.dll
2014-09-15 08:18:43 ----A---- C:\Windows\SYSWOW64\Windows.Devices.Bluetooth.dll
2014-09-15 08:18:42 ----A---- C:\Windows\SYSWOW64\SHCore.dll
2014-09-15 08:18:42 ----A---- C:\Windows\SYSWOW64\mftranscode.dll
2014-09-15 08:18:42 ----A---- C:\Windows\system32\storagewmi.dll
2014-09-15 08:18:42 ----A---- C:\Windows\system32\mftranscode.dll
2014-09-15 08:18:41 ----A---- C:\Windows\system32\usbmon.dll
2014-09-15 08:18:41 ----A---- C:\Windows\system32\comdlg32.dll
2014-09-15 08:18:41 ----A---- C:\Windows\system32\clusapi.dll
2014-09-15 08:18:40 ----A---- C:\Windows\system32\wisp.dll
2014-09-15 08:18:40 ----A---- C:\Windows\system32\winload.exe
2014-09-15 08:18:40 ----A---- C:\Windows\system32\WebClnt.dll
2014-09-15 08:18:40 ----A---- C:\Windows\system32\defragsvc.dll
2014-09-15 08:18:39 ----A---- C:\Windows\SYSWOW64\comdlg32.dll
2014-09-15 08:18:39 ----A---- C:\Windows\system32\wsecedit.dll
2014-09-15 08:18:39 ----A---- C:\Windows\system32\winresume.exe
2014-09-15 08:18:38 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2014-09-15 08:18:38 ----A---- C:\Windows\system32\user32.dll
2014-09-15 08:18:38 ----A---- C:\Windows\system32\profsvc.dll
2014-09-15 08:18:38 ----A---- C:\Windows\system32\drivers\srvnet.sys
2014-09-15 08:18:38 ----A---- C:\Windows\system32\drivers\nwifi.sys
2014-09-15 08:18:37 ----A---- C:\Windows\SYSWOW64\clusapi.dll
2014-09-15 08:18:37 ----A---- C:\Windows\system32\wpdbusenum.dll
2014-09-15 08:18:37 ----A---- C:\Windows\system32\winmmbase.dll
2014-09-15 08:18:37 ----A---- C:\Windows\system32\WiFiDisplay.dll
2014-09-15 08:18:36 ----AC---- C:\Windows\system32\drivers\usbhub.sys
2014-09-15 08:18:36 ----A---- C:\Windows\system32\rdpcorets.dll
2014-09-15 08:18:35 ----A---- C:\Windows\SYSWOW64\wlanapi.dll
2014-09-15 08:18:35 ----A---- C:\Windows\SYSWOW64\storagewmi.dll
2014-09-15 08:18:35 ----A---- C:\Windows\SYSWOW64\Display.dll
2014-09-15 08:18:35 ----A---- C:\Windows\system32\VAN.dll
2014-09-15 08:18:35 ----A---- C:\Windows\system32\SettingSync.dll
2014-09-15 08:18:35 ----A---- C:\Windows\system32\conhost.exe
2014-09-15 08:18:35 ----A---- C:\Windows\system32\AppxSip.dll
2014-09-15 08:18:34 ----A---- C:\Windows\SYSWOW64\winmmbase.dll
2014-09-15 08:18:34 ----A---- C:\Windows\system32\WorkFoldersGPExt.dll
2014-09-15 08:18:34 ----A---- C:\Windows\system32\SndVol.exe
2014-09-15 08:18:34 ----A---- C:\Windows\system32\Display.dll
2014-09-15 08:18:33 ----A---- C:\Windows\SYSWOW64\wisp.dll
2014-09-15 08:18:33 ----A---- C:\Windows\system32\osk.exe
2014-09-15 08:18:33 ----A---- C:\Windows\system32\drivers\IPMIDrv.sys
2014-09-15 08:18:32 ----A---- C:\Windows\system32\mfps.dll
2014-09-15 08:18:32 ----A---- C:\Windows\system32\drivers\ndis.sys
2014-09-15 08:18:32 ----A---- C:\Windows\system32\DafPrintProvider.dll
2014-09-15 08:18:32 ----A---- C:\Windows\system32\bcryptprimitives.dll
2014-09-15 08:18:31 ----AC---- C:\Windows\system32\drivers\hdaudbus.sys
2014-09-15 08:18:31 ----A---- C:\Windows\SYSWOW64\bcryptprimitives.dll
2014-09-15 08:18:31 ----A---- C:\Windows\system32\winmm.dll
2014-09-15 08:18:31 ----A---- C:\Windows\system32\drivers\NdisImPlatform.sys
2014-09-15 08:18:31 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2014-09-15 08:18:30 ----A---- C:\Windows\SYSWOW64\wsecedit.dll
2014-09-15 08:18:30 ----A---- C:\Windows\SYSWOW64\AppxSip.dll
2014-09-15 08:18:30 ----A---- C:\Windows\system32\Windows.Networking.dll
2014-09-15 08:18:30 ----A---- C:\Windows\system32\twinapi.dll
2014-09-15 08:18:30 ----A---- C:\Windows\system32\dwmapi.dll
2014-09-15 08:18:29 ----A---- C:\Windows\SYSWOW64\prnntfy.dll
2014-09-15 08:18:29 ----A---- C:\Windows\system32\WorkFoldersShell.dll
2014-09-15 08:18:29 ----A---- C:\Windows\system32\prnntfy.dll
2014-09-15 08:18:29 ----A---- C:\Windows\system32\gpedit.dll
2014-09-15 08:18:29 ----A---- C:\Windows\system32\GdiPlus.dll
2014-09-15 08:18:28 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2014-09-15 08:18:28 ----A---- C:\Windows\SYSWOW64\winmm.dll
2014-09-15 08:18:28 ----A---- C:\Windows\SYSWOW64\puiapi.dll
2014-09-15 08:18:28 ----A---- C:\Windows\system32\puiapi.dll
2014-09-15 08:18:28 ----A---- C:\Windows\system32\ppcsnap.dll
2014-09-15 08:18:27 ----A---- C:\Windows\SYSWOW64\SndVol.exe
2014-09-15 08:18:27 ----A---- C:\Windows\SYSWOW64\dwmapi.dll
2014-09-15 08:18:27 ----A---- C:\Windows\system32\iasnap.dll
2014-09-15 08:18:26 ----AC---- C:\Windows\system32\drivers\pci.sys
2014-09-15 08:18:26 ----A---- C:\Windows\SYSWOW64\VAN.dll
2014-09-15 08:18:25 ----A---- C:\Windows\system32\wcmcsp.dll
2014-09-15 08:18:25 ----A---- C:\Windows\system32\SystemSettingsAdminFlows.exe
2014-09-15 08:18:25 ----A---- C:\Windows\system32\stobject.dll
2014-09-15 08:18:25 ----A---- C:\Windows\system32\drivers\ks.sys
2014-09-15 08:18:25 ----A---- C:\Windows\system32\AppxSysprep.dll
2014-09-15 08:18:24 ----A---- C:\Windows\system32\wwanconn.dll
2014-09-15 08:18:24 ----A---- C:\Windows\system32\dab.dll
2014-09-15 08:18:23 ----A---- C:\Windows\SYSWOW64\iasnap.dll
2014-09-15 08:18:23 ----A---- C:\Windows\SYSWOW64\gpedit.dll
2014-09-15 08:18:23 ----A---- C:\Windows\system32\pmcsnap.dll
2014-09-15 08:18:22 ----A---- C:\Windows\SYSWOW64\rsaenh.dll
2014-09-15 08:18:22 ----A---- C:\Windows\system32\wlanapi.dll
2014-09-15 08:18:22 ----A---- C:\Windows\system32\rsaenh.dll
2014-09-15 08:18:22 ----A---- C:\Windows\system32\ActionCenter.dll
2014-09-15 08:18:19 ----A---- C:\Windows\SYSWOW64\osk.exe
2014-09-15 08:18:19 ----A---- C:\Windows\system32\wshbth.dll
2014-09-15 08:18:18 ----A---- C:\Windows\SYSWOW64\Windows.Networking.dll
2014-09-15 08:18:18 ----A---- C:\Windows\SYSWOW64\SettingSync.dll
2014-09-15 08:18:18 ----A---- C:\Windows\SYSWOW64\DafPrintProvider.dll
2014-09-15 08:18:18 ----A---- C:\Windows\system32\PrintDialogs.dll
2014-09-15 08:18:17 ----A---- C:\Windows\SYSWOW64\wshbth.dll
2014-09-15 08:18:17 ----A---- C:\Windows\system32\wlansvcpal.dll
2014-09-15 08:18:17 ----A---- C:\Windows\system32\Windows.Devices.Bluetooth.dll
2014-09-15 08:18:17 ----A---- C:\Windows\system32\browser.dll
2014-09-15 08:18:16 ----A---- C:\Windows\SYSWOW64\stobject.dll
2014-09-15 08:18:16 ----A---- C:\Windows\SYSWOW64\ActionCenter.dll
2014-09-15 08:18:15 ----A---- C:\Windows\SYSWOW64\wups.dll
2014-09-15 08:18:15 ----A---- C:\Windows\SYSWOW64\KBDRUM.DLL
2014-09-15 08:18:15 ----A---- C:\Windows\system32\KBDRUM.DLL
2014-09-15 08:18:15 ----A---- C:\Windows\system32\Defrag.exe
2014-09-15 08:18:14 ----A---- C:\Windows\SYSWOW64\GdiPlus.dll
2014-09-15 08:18:13 ----A---- C:\Windows\SYSWOW64\user32.dll
2014-09-15 08:18:13 ----A---- C:\Windows\system32\KBDYAK.DLL
2014-09-15 08:18:13 ----A---- C:\Windows\system32\KBDRU1.DLL
2014-09-15 08:18:13 ----A---- C:\Windows\system32\KBDRU.DLL
2014-09-15 08:18:13 ----A---- C:\Windows\system32\KBDBASH.DLL
2014-09-15 08:18:12 ----A---- C:\Windows\SYSWOW64\KBDYAK.DLL
2014-09-15 08:18:12 ----A---- C:\Windows\SYSWOW64\KBDRU1.DLL
2014-09-15 08:18:12 ----A---- C:\Windows\SYSWOW64\KBDRU.DLL
2014-09-15 08:18:12 ----A---- C:\Windows\SYSWOW64\KBDBASH.DLL
2014-09-15 08:18:12 ----A---- C:\Windows\system32\BluetoothApis.dll
2014-09-15 08:18:10 ----AC---- C:\Windows\system32\drivers\bthpan.sys
2014-09-15 08:18:10 ----A---- C:\Windows\SYSWOW64\PrintDialogs.dll
2014-09-15 08:18:09 ----A---- C:\Windows\SYSWOW64\KBDTAT.DLL
2014-09-15 08:18:09 ----A---- C:\Windows\system32\wwanmm.dll
2014-09-15 08:18:09 ----A---- C:\Windows\system32\SndVolSSO.dll
2014-09-15 08:18:09 ----A---- C:\Windows\system32\KBDTAT.DLL
2014-09-15 08:18:09 ----A---- C:\Windows\system32\compstui.dll
2014-09-15 08:18:08 ----A---- C:\Windows\SYSWOW64\BluetoothApis.dll
2014-09-15 08:18:08 ----A---- C:\Windows\system32\wlansec.dll
2014-09-15 08:18:08 ----A---- C:\Windows\system32\rdpudd.dll
2014-09-15 08:18:07 ----A---- C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2014-09-15 08:18:05 ----A---- C:\Windows\SYSWOW64\KBDTT102.DLL
2014-09-15 08:18:05 ----A---- C:\Windows\system32\KBDTT102.DLL
2014-09-14 08:02:28 ----D---- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-12 17:52:35 ----A---- C:\Windows\SYSWOW64\Wldap32.dll
2014-09-12 17:52:35 ----A---- C:\Windows\SYSWOW64\Windows.UI.Search.dll
2014-09-12 17:52:35 ----A---- C:\Windows\SYSWOW64\SearchFolder.dll
2014-09-12 17:52:35 ----A---- C:\Windows\SYSWOW64\propsys.dll
2014-09-12 17:52:35 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2014-09-12 17:52:34 ----AC---- C:\Windows\system32\drivers\USBHUB3.SYS
2014-09-12 17:52:34 ----AC---- C:\Windows\system32\drivers\bthport.sys
2014-09-12 17:52:34 ----A---- C:\Windows\SYSWOW64\WSShared.dll
2014-09-12 17:52:34 ----A---- C:\Windows\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-12 17:52:34 ----A---- C:\Windows\SYSWOW64\SkyDriveShell.dll
2014-09-12 17:52:34 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2014-09-12 17:52:34 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-09-12 17:52:34 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\WSShared.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\Wldap32.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\Windows.UI.Search.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\SystemEventsBrokerServer.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\SyncEngine.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\SkyDriveTelemetry.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\SkyDriveShell.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\SkyDrive.exe
2014-09-12 17:52:34 ----A---- C:\Windows\system32\SearchFolder.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\rdvidcrl.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\ProximityService.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\propsys.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\pcsvDevice.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\ntdll.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\mstscax.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\KernelBase.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\iphlpsvc.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\httpprxm.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\drivers\bridge.sys
2014-09-12 17:52:34 ----A---- C:\Windows\system32\bisrv.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\adhsvc.dll
2014-09-12 17:51:30 ----A---- C:\Windows\system32\drivers\msgpioclx.sys
2014-09-11 07:43:42 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-11 07:43:42 ----A---- C:\Windows\system32\iernonce.dll
2014-09-11 07:43:42 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-09-11 07:43:40 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-09-11 07:43:40 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-09-11 07:43:40 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-09-11 07:43:40 ----A---- C:\Windows\system32\msrating.dll
2014-09-11 07:43:40 ----A---- C:\Windows\system32\jsproxy.dll
2014-09-11 07:43:40 ----A---- C:\Windows\system32\dxtmsft.dll
2014-09-11 07:43:39 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-09-11 07:43:39 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-09-11 07:43:39 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-09-11 07:43:39 ----A---- C:\Windows\system32\ieUnatt.exe
2014-09-11 07:43:39 ----A---- C:\Windows\system32\iesetup.dll
2014-09-11 07:43:38 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-09-11 07:43:38 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-09-11 07:43:38 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-09-11 07:43:38 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-09-11 07:43:38 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-09-11 07:25:29 ----A---- C:\Windows\system32\schedsvc.dll
2014-09-11 07:24:42 ----A---- C:\Windows\SYSWOW64\msvcr120_clr0400.dll
2014-09-11 07:24:42 ----A---- C:\Windows\system32\msvcr120_clr0400.dll
2014-08-14 01:16:18 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2014-08-14 01:16:18 ----A---- C:\Windows\SYSWOW64\dxgi.dll
2014-08-14 01:16:18 ----A---- C:\Windows\system32\rpcrt4.dll
2014-08-14 01:16:18 ----A---- C:\Windows\system32\dxgi.dll
2014-08-14 01:16:18 ----A---- C:\Windows\system32\dwmcore.dll
2014-08-14 01:16:17 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2014-08-14 01:15:30 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe
2014-08-14 01:15:30 ----A---- C:\Windows\system32\TsWpfWrp.exe
2014-08-14 01:15:26 ----A---- C:\Windows\system32\Wpc.dll
2014-08-14 01:15:25 ----A---- C:\Windows\SYSWOW64\Wpc.dll
2014-08-14 01:15:25 ----A---- C:\Windows\system32\WpcWebSync.dll
2014-08-14 01:15:25 ----A---- C:\Windows\system32\WpcMon.exe
2014-08-14 01:14:11 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2014-08-14 01:14:11 ----A---- C:\Windows\system32\msihnd.dll
2014-08-14 01:14:11 ----A---- C:\Windows\system32\consent.exe
2014-08-14 01:13:42 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2014-08-14 01:13:42 ----A---- C:\Windows\system32\gdi32.dll
2014-08-14 01:13:41 ----A---- C:\Windows\system32\MDMAgent.exe
2014-08-10 09:34:18 ----AC---- C:\Windows\system32\drivers\usbuhci.sys
2014-08-10 09:34:18 ----AC---- C:\Windows\system32\drivers\usbport.sys
2014-08-10 09:34:18 ----AC---- C:\Windows\system32\drivers\usbehci.sys
2014-08-10 09:34:18 ----AC---- C:\Windows\system32\drivers\usbd.sys
2014-08-10 09:34:18 ----A---- C:\Windows\SYSWOW64\gpprefcl.dll
2014-08-10 09:34:18 ----A---- C:\Windows\SYSWOW64\DaOtpCredentialProvider.dll
2014-08-10 09:34:18 ----A---- C:\Windows\system32\WUDFSvc.dll
2014-08-10 09:34:18 ----A---- C:\Windows\system32\WUDFPlatform.dll
2014-08-10 09:34:18 ----A---- C:\Windows\system32\WUDFHost.exe
2014-08-10 09:34:18 ----A---- C:\Windows\system32\hal.dll
2014-08-10 09:34:18 ----A---- C:\Windows\system32\gpprefcl.dll
2014-08-10 09:34:18 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2014-08-10 09:34:18 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2014-08-10 09:34:18 ----A---- C:\Windows\system32\DaOtpCredentialProvider.dll
2014-08-10 09:34:18 ----A---- C:\Windows\system32\cscui.dll
2014-07-30 16:00:17 ----A---- C:\Windows\SYSWOW64\SETA0E4.tmp
2014-07-30 16:00:17 ----A---- C:\Windows\system32\SET7FCD.tmp
2014-07-30 16:00:16 ----A---- C:\Windows\SYSWOW64\SET9585.tmp
2014-07-30 16:00:16 ----A---- C:\Windows\SYSWOW64\SET94D7.tmp
2014-07-30 16:00:16 ----A---- C:\Windows\system32\SET73C2.tmp
2014-07-30 16:00:16 ----A---- C:\Windows\system32\SET6515.tmp
2014-07-30 16:00:16 ----A---- C:\Windows\system32\nvdispgenco6434052.dll
2014-07-30 16:00:16 ----A---- C:\Windows\system32\nvdispco6434052.dll
2014-07-28 14:52:00 ----A---- C:\Windows\system32\usbaaplrc.dll
2014-07-28 14:52:00 ----A---- C:\Windows\system32\drivers\usbaapl64.sys
======List of files/folders modified in the last 3 months======
2014-10-25 14:04:59 ----D---- C:\Windows\Prefetch
2014-10-25 14:04:55 ----D---- C:\Program Files
2014-10-25 14:01:52 ----D---- C:\Windows\Temp
2014-10-25 14:00:01 ----D---- C:\Windows\system32\sru
2014-10-25 13:54:49 ----RD---- C:\Windows\System32
2014-10-25 13:54:49 ----D---- C:\Windows\Inf
2014-10-25 13:54:49 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-10-25 13:50:28 ----D---- C:\Windows
2014-10-25 13:36:40 ----D---- C:\Windows\SysWOW64
2014-10-25 13:35:41 ----RD---- C:\Program Files (x86)
2014-10-25 13:25:28 ----D---- C:\Windows\Tasks
2014-10-25 13:25:28 ----D---- C:\Windows\system32\Tasks
2014-10-25 12:57:18 ----HD---- C:\ProgramData
2014-10-25 12:52:23 ----D---- C:\Users\Pavel\AppData\Roaming\vlc
2014-10-25 12:29:01 ----SD---- C:\ProgramData\Microsoft
2014-10-25 11:40:02 ----D---- C:\Windows\system32\catroot2
2014-10-25 11:33:15 ----D---- C:\Windows\system32\drivers
2014-10-25 11:00:59 ----D---- C:\ProgramData\ProductData
2014-10-25 11:00:57 ----D---- C:\ProgramData\IObit
2014-10-25 10:57:11 ----D---- C:\Windows\SoftwareDistribution
2014-10-25 10:57:11 ----D---- C:\Windows\debug
2014-10-25 10:55:44 ----D---- C:\Windows\system32\wdi
2014-10-25 10:52:01 ----SHD---- C:\Windows\Installer
2014-10-25 10:51:46 ----D---- C:\Program Files (x86)\WinRAR
2014-10-25 10:51:24 ----D---- C:\Program Files\Common Files\System
2014-10-25 10:47:04 ----D---- C:\Windows\system32\config
2014-10-25 10:25:22 ----D---- C:\Windows\rescache
2014-10-25 10:18:10 ----D---- C:\Windows\Microsoft.NET
2014-10-25 10:03:40 ----D---- C:\Windows\WinSxS
2014-10-25 10:02:15 ----D---- C:\Windows\system32\DriverStore
2014-10-25 10:01:04 ----D---- C:\Windows\CbsTemp
2014-10-25 09:50:14 ----RD---- C:\Windows\ToastData
2014-10-25 09:50:14 ----RD---- C:\Windows\ImmersiveControlPanel
2014-10-25 09:50:14 ----D---- C:\Windows\apppatch
2014-10-25 09:49:33 ----SHD---- C:\System Volume Information
2014-10-25 09:45:06 ----D---- C:\Users\Pavel\AppData\Roaming\Winamp
2014-10-25 09:40:01 ----D---- C:\Program Files (x86)\SystemRequirementsLab
2014-10-25 09:38:12 ----D---- C:\Users\Pavel\AppData\Roaming\uTorrent
2014-10-23 19:21:15 ----D---- C:\ProgramData\NVIDIA
2014-10-22 21:16:17 ----SD---- C:\Users\Pavel\AppData\Roaming\Microsoft
2014-10-21 11:31:17 ----D---- C:\Windows\AppReadiness
2014-10-21 11:31:16 ----HD---- C:\Program Files\WindowsApps
2014-10-20 16:08:00 ----D---- C:\Program Files\Common Files\Apple
2014-10-20 04:34:55 ----RSD---- C:\Windows\assembly
2014-10-19 19:51:10 ----D---- C:\ProgramData\Microsoft Help
2014-10-18 17:45:55 ----D---- C:\Windows\MediaViewer
2014-10-18 17:45:55 ----D---- C:\Windows\FileManager
2014-10-18 17:45:55 ----D---- C:\Windows\Camera
2014-10-18 17:45:53 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-10-18 17:45:53 ----D---- C:\Program Files\Internet Explorer
2014-10-18 17:45:53 ----D---- C:\Program Files (x86)\Internet Explorer
2014-10-18 17:45:52 ----D---- C:\Windows\system32\cs-CZ
2014-10-17 23:48:47 ----D---- C:\Program Files (x86)\Common Files
2014-10-16 16:11:40 ----A---- C:\Windows\system32\nvsvc64.dll
2014-10-16 16:11:40 ----A---- C:\Windows\system32\nvcpl.dll
2014-10-16 16:11:36 ----A---- C:\Windows\system32\nvvsvc.exe
2014-10-16 16:11:36 ----A---- C:\Windows\system32\nvsvcr.dll
2014-10-16 16:11:36 ----A---- C:\Windows\system32\nvmctray.dll
2014-10-16 16:11:36 ----A---- C:\Windows\system32\nv3dappshext.dll
2014-10-15 05:45:07 ----A---- C:\Windows\win.ini
2014-10-15 05:42:54 ----D---- C:\Windows\system32\MRT
2014-10-15 05:39:40 ----A---- C:\Windows\system32\MRT.exe
2014-10-15 05:38:45 ----RSD---- C:\Windows\Fonts
2014-10-13 17:59:34 ----D---- C:\Program Files (x86)\Origin Games
2014-10-10 18:37:32 ----D---- C:\ProgramData\Origin
2014-10-10 18:06:58 ----D---- C:\Users\Pavel\AppData\Roaming\NVIDIA
2014-10-10 18:06:40 ----D---- C:\Program Files (x86)\Origin
2014-10-09 15:33:21 ----D---- C:\Windows\Logs
2014-10-04 08:42:47 ----A---- C:\Windows\SYSWOW64\nvspbridge.dll
2014-10-04 08:41:43 ----A---- C:\Windows\system32\nvspbridge64.dll
2014-10-03 16:04:24 ----D---- C:\Program Files (x86)\Microsoft.NET
2014-10-03 16:04:23 ----D---- C:\Program Files\Common Files\microsoft shared
2014-10-02 15:41:39 ----D---- C:\Windows\ShellNew
2014-10-02 15:34:28 ----D---- C:\Program Files\Common Files
2014-10-02 15:33:09 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2014-10-02 15:21:46 ----D---- C:\Program Files (x86)\MSBuild
2014-10-01 08:07:04 ----D---- C:\ProgramData\Oracle
2014-09-29 13:02:22 ----D---- C:\Program Files\CCleaner
2014-09-26 19:12:19 ----D---- C:\Program Files (x86)\Battlelog Web Plugins
2014-09-26 19:01:33 ----D---- C:\Users\Pavel\AppData\Roaming\Origin
2014-09-21 20:19:40 ----D---- C:\Windows\system32\NDF
2014-09-20 09:04:08 ----D---- C:\Windows\SYSWOW64\wbem
2014-09-20 09:04:08 ----D---- C:\Windows\SYSWOW64\setup
2014-09-20 09:04:08 ----D---- C:\Windows\system32\wbem
2014-09-20 09:04:08 ----D---- C:\Windows\system32\setup
2014-09-20 09:04:08 ----D---- C:\Windows\system32\oobe
2014-09-20 09:04:08 ----D---- C:\Windows\system32\drivers\cs-CZ
2014-09-20 09:04:08 ----D---- C:\Windows\system32\Boot
2014-09-20 09:04:08 ----D---- C:\Windows\PolicyDefinitions
2014-09-20 09:04:08 ----D---- C:\Program Files\Windows Journal
2014-09-20 09:04:07 ----D---- C:\Windows\SYSWOW64\InputMethod
2014-09-19 20:37:25 ----D---- C:\Windows\LiveKernelReports
2014-09-19 18:28:21 ----D---- C:\Users\Pavel\AppData\Roaming\Apple Computer
2014-09-19 16:00:32 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2014-09-19 15:47:06 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-19 14:52:57 ----D---- C:\Program Files\NVIDIA Corporation
2014-09-14 08:00:06 ----D---- C:\Windows\system32\catroot
2014-09-12 17:56:14 ----D---- C:\Windows\WinStore
2014-09-12 17:56:13 ----D---- C:\Windows\SYSWOW64\migration
2014-09-12 17:56:13 ----D---- C:\Windows\system32\migration
2014-09-12 17:52:34 ----A---- C:\Windows\SYSWOW64\PrintConfig.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-07-05 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-07-05 224896]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2014-10-16 30408]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-07-05 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-07-05 1041168]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-07-05 427360]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2013-10-23 129944]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-07-05 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-07-05 79184]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-07-05 92008]
R3 athr;@oem23.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athwbx.sys [2013-08-14 3837440]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2014-01-28 593000]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\Windows\System32\drivers\BthEnum.sys [2013-08-22 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\System32\drivers\BthLEEnum.sys [2013-12-04 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2014-07-24 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2014-01-31 81920]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 HIDSwitch;@oem2.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control; C:\Windows\System32\drivers\AsHIDSwitch64.sys [2013-11-04 20280]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2013-10-01 4177920]
R3 iwdbus;@oem10.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2013-08-23 26008]
R3 MEIx64;@oem1.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\System32\drivers\HECIx64.sys [2012-07-17 62784]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2014-10-16 13190288]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-10-04 20288]
R3 nvvad_WaveExtensible;@oem24.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-09-04 38048]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2014-01-27 167424]
R3 RTL8168;@oem20.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2013-11-29 838872]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2013-08-28 34544]
R3 SynTP;@oem39.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2013-08-28 524528]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-08-22 212224]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S2 sbmntr;SBMNTR; C:\Windows\system32\drivers\sbmntr.sys []
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2014-09-12 1200640]
S3 dg_ssudbus;@oem33.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 dot4;@oem29.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2012-10-19 151968]
S3 Dot4Print;@oem30.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; C:\Windows\System32\drivers\Dot4Prt.sys [2012-10-19 27040]
S3 dot4usb;@oem29.inf,%DOT4USB_NAME%;Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2012-10-19 49056]
S3 intaud_WaveExtensible;@oem9.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2013-08-23 39320]
S3 MBAMSwissArmy;MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys []
S3 ssudmdm;@oem34.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 tap0901;@oem4.inf,%DeviceDescription%;TAP-Windows Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2013-08-22 40664]
S3 USBAAPL64;@oem44.inf,%USBAAPL64.SvcDesc%;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2014-07-28 54784]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-08-22 44544]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-10-07 60744]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-07-05 50344]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2014-10-04 1149760]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-10-04 1796928]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-10-04 19440960]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-10-16 933064]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-06-28 76152]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-10-15 643880]
S2 globalUpdate;globalUpdate Update Service (globalUpdate); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-10-25 68608]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2014-05-04 2152736]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-09 267440]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2013-10-01 279000]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 globalUpdatem;globalUpdate Update Service (globalUpdatem); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-10-25 68608]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-09-25 114288]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 178760]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-09-23 833728]
-----------------EOF-----------------
Thank you!
Logfile of random's system information tool 1.10 (written by random/random)
Run by Pavel at 2014-10-25 14:04:55
Microsoft Windows 8.1 Pro
System drive C: has 28 GB (28%) free of 100 GB
Total RAM: 8078 MB (81% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:05:02, on 25. 10. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Evernote\Evernote\Evernote.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Pavel.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - Startup: EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
O4 - Startup: EvernoteTray.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\Microsoft Office\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Nová poznámka - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\Microsoft Office\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
--
End of file - 9617 bytes
======Listing Processes======
wininit.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Windows\system32\nvvsvc.exe"
"dwm.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
dashost.exe {6291e4da-badb-45ff-8cf38e9ab1a75f92}
taskhostex.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss b7117199-a717-4e90-be4d-04b8c87d4b85 1
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe 0x4
\??\C:\Windows\system32\conhost.exe 0x4
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\skydrive.exe -Embedding
"C:\Windows\system32\igfxsrvc.exe" -Embedding
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe"
"C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\Evernote\Evernote\Evernote.exe" /Hide
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe6_ Global\UsGthrCtrlFltPipeMssGthrPipe6 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 564 568 576 65536 572
"C:\Users\Pavel\Desktop\RSITx64.exe"
"C:\Program Files\AVAST Software\Avast\setup\instup.exe" /instop:update_vps
======Scheduled tasks folder======
C:\Windows\tasks\26e2b005-82c0-4611-a28f-b1fe927fd816-11.job - C:\Program Files (x86)\Sense\26e2b005-82c0-4611-a28f-b1fe927fd816-11.exe /rawdata=[encoded data removed]
C:\Windows\tasks\26e2b005-82c0-4611-a28f-b1fe927fd816-3.job - C:\Program Files (x86)\Sense\26e2b005-82c0-4611-a28f-b1fe927fd816-3.exe /rawdata=[encoded data removed]
C:\Windows\tasks\26e2b005-82c0-4611-a28f-b1fe927fd816-4.job - C:\Program Files (x86)\Sense\26e2b005-82c0-4611-a28f-b1fe927fd816-4.exe /rawdata=[encoded data removed]
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\EYSKI.job - C:\Users\Pavel\AppData\Roaming\EYSKI.exe /infocmdline=[encoded data removed]
C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /c
C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\MSMFS.job - C:\Users\Pavel\AppData\Roaming\MSMFS.exe /infocmdline=[encoded data removed]
C:\Windows\tasks\OTWLPAX.job - C:\Users\Pavel\AppData\Roaming\OTWLPAX.exe /infocmdline=[encoded data removed]
C:\Windows\tasks\PGBUATNB.job - C:\Users\Pavel\AppData\Roaming\PGBUATNB.exe /infocmdline=[encoded data removed]
=========Mozilla firefox=========
ProfilePath - C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\7cqei6d7.default
prefs.js - "browser.startup.homepage" - "www.google.com"
prefs.js - "keyword.URL" - "https://www.google.com/search"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.152 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.5.1]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.67.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\Microsoft Office\Office15\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10]
"Description"=globalUpdate Update
"Path"=C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4]
"Description"=globalUpdate Update
"Path"=C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.152 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/npbattlelog,version=2.5.1]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\Microsoft Office\Office15\NPSPWRAP.DLL
C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\7cqei6d7.default\searchplugins\
Google.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-09-25 218784]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-07-05 612248]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}]
Shopper Pro - C:\ProgramData\ShopperPro\ShopperPro64.dll [2014-10-24 501096]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\Microsoft Office\Office15\GROOVEEX.DLL [2014-09-16 2334416]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-10-01 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-07-05 457712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}]
Evernote extension - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-08-26 626528]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-10-01 171944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2013-10-01 391128]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2013-10-01 771032]
"Persistence"=C:\Windows\system32\igfxpers.exe [2013-10-01 769496]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-10-04 2463552]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2014-10-04 2800296]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-07-30 4085896]
"PWRISOVM.EXE"=C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [2013-10-23 337432]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-07-25 256896]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-10-15 157480]
C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
EvernoteClipper.lnk - C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
EvernoteTray.lnk - C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2013-10-01 623104]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.XFR1"=xfcodec64.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 3 months======
2014-10-25 14:04:55 ----D---- C:\rsit
2014-10-25 14:04:55 ----D---- C:\Program Files\trend micro
2014-10-25 13:35:46 ----A---- C:\Windows\SYSWOW64\wbhelp2.dll
2014-10-25 13:35:44 ----A---- C:\Windows\SYSWOW64\W95INF32.DLL
2014-10-25 13:35:44 ----A---- C:\Windows\SYSWOW64\W95INF16.DLL
2014-10-25 13:35:44 ----A---- C:\Windows\SYSWOW64\unicows.dll
2014-10-25 13:35:44 ----A---- C:\Windows\SYSWOW64\anim.dll
2014-10-25 13:35:41 ----D---- C:\Program Files (x86)\WinUtilities
2014-10-25 12:57:07 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2014-10-25 12:29:00 ----A---- C:\Windows\wininit.ini
2014-10-25 11:47:07 ----D---- C:\ProgramData\Spybot - Search & Destroy
2014-10-25 11:47:03 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-10-25 11:33:15 ----A---- C:\Windows\system32\drivers\stflt.sys
2014-10-25 10:52:17 ----A---- C:\Users\Pavel\AppData\Roaming\MSMFS.exe
2014-10-25 10:51:57 ----A---- C:\Users\Pavel\AppData\Roaming\PGBUATNB.exe
2014-10-25 10:51:46 ----D---- C:\Program Files (x86)\winrar 45.8.7
2014-10-25 10:51:22 ----D---- C:\ProgramData\ShopperPro
2014-10-25 10:50:16 ----A---- C:\Users\Pavel\AppData\Roaming\EYSKI.exe
2014-10-25 10:50:04 ----A---- C:\Users\Pavel\AppData\Roaming\OTWLPAX.exe
2014-10-25 10:50:00 ----D---- C:\Program Files (x86)\globalUpdate
2014-10-25 10:01:12 ----D---- C:\Program Files\Microsoft Silverlight
2014-10-25 10:01:12 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-10-25 09:46:30 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2014-10-25 09:46:30 ----A---- C:\Windows\SYSWOW64\untfs.dll
2014-10-25 09:46:30 ----A---- C:\Windows\SYSWOW64\twinui.dll
2014-10-25 09:46:30 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-10-25 09:46:30 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-10-25 09:46:30 ----A---- C:\Windows\SYSWOW64\puiobj.dll
2014-10-25 09:46:30 ----A---- C:\Windows\SYSWOW64\mfmp4srcsnk.dll
2014-10-25 09:46:30 ----A---- C:\Windows\SYSWOW64\MFMediaEngine.dll
2014-10-25 09:46:30 ----A---- C:\Windows\SYSWOW64\FXSAPI.dll
2014-10-25 09:46:30 ----A---- C:\Windows\SYSWOW64\certcli.dll
2014-10-25 09:46:30 ----A---- C:\Windows\system32\WsmSvc.dll
2014-10-25 09:46:30 ----A---- C:\Windows\system32\win32spl.dll
2014-10-25 09:46:30 ----A---- C:\Windows\system32\untfs.dll
2014-10-25 09:46:30 ----A---- C:\Windows\system32\twinui.dll
2014-10-25 09:46:30 ----A---- C:\Windows\system32\schannel.dll
2014-10-25 09:46:30 ----A---- C:\Windows\system32\shell32.dll
2014-10-25 09:46:30 ----A---- C:\Windows\system32\SettingsHandlers.dll
2014-10-25 09:46:30 ----A---- C:\Windows\system32\puiobj.dll
2014-10-25 09:46:30 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-10-25 09:46:30 ----A---- C:\Windows\system32\mfmp4srcsnk.dll
2014-10-25 09:46:30 ----A---- C:\Windows\system32\MFMediaEngine.dll
2014-10-25 09:46:30 ----A---- C:\Windows\system32\lsasrv.dll
2014-10-25 09:46:30 ----A---- C:\Windows\system32\localspl.dll
2014-10-25 09:46:30 ----A---- C:\Windows\system32\FXSCOMEX.dll
2014-10-25 09:46:30 ----A---- C:\Windows\system32\FXSAPI.dll
2014-10-25 09:46:30 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2014-10-25 09:46:30 ----A---- C:\Windows\system32\drivers\tcpip.sys
2014-10-25 09:46:30 ----A---- C:\Windows\system32\drivers\netio.sys
2014-10-25 09:46:30 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-10-25 09:46:30 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2014-10-25 09:46:30 ----A---- C:\Windows\system32\drivers\cng.sys
2014-10-25 09:46:30 ----A---- C:\Windows\system32\certcli.dll
2014-10-23 19:21:17 ----D---- C:\Windows\SYSWOW64\NV
2014-10-23 19:21:17 ----D---- C:\Windows\system32\NV
2014-10-23 19:21:04 ----A---- C:\Windows\system32\nvshext.dll
2014-10-23 19:21:04 ----A---- C:\Windows\system32\nv3dappshextr.dll
2014-10-23 19:19:32 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2014-10-23 19:19:32 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2014-10-23 19:19:32 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2014-10-23 19:19:32 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2014-10-23 19:19:32 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2014-10-23 19:19:32 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2014-10-23 19:19:32 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2014-10-23 19:19:32 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2014-10-23 19:19:32 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2014-10-23 19:19:32 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2014-10-23 19:19:32 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2014-10-23 19:19:32 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2014-10-23 19:19:32 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2014-10-23 19:19:32 ----A---- C:\Windows\system32\nvwgf2umx.dll
2014-10-23 19:19:32 ----A---- C:\Windows\system32\nvumdshimx.dll
2014-10-23 19:19:32 ----A---- C:\Windows\system32\nvopencl.dll
2014-10-23 19:19:32 ----A---- C:\Windows\system32\nvoglv64.dll
2014-10-23 19:19:32 ----A---- C:\Windows\system32\nvoglshim64.dll
2014-10-23 19:19:32 ----A---- C:\Windows\system32\nvinitx.dll
2014-10-23 19:19:32 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2014-10-23 19:19:32 ----A---- C:\Windows\system32\NvIFR64.dll
2014-10-23 19:19:32 ----A---- C:\Windows\system32\NvFBC64.dll
2014-10-23 19:19:32 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2014-10-23 19:19:32 ----A---- C:\Windows\system32\nvdispgenco6434448.dll
2014-10-23 19:19:32 ----A---- C:\Windows\system32\nvdispco6434448.dll
2014-10-23 19:19:32 ----A---- C:\Windows\system32\nvd3dumx.dll
2014-10-23 19:19:32 ----A---- C:\Windows\system32\nvcuvid.dll
2014-10-23 19:19:32 ----A---- C:\Windows\system32\nvcuda.dll
2014-10-23 19:19:32 ----A---- C:\Windows\system32\drivers\nvpciflt.sys
2014-10-23 19:19:32 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2014-10-23 19:19:31 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2014-10-23 19:19:31 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2014-10-23 19:19:31 ----A---- C:\Windows\system32\nvcompiler.dll
2014-10-23 19:19:31 ----A---- C:\Windows\system32\nvapi64.dll
2014-10-23 19:16:35 ----D---- C:\Program Files (x86)\Evernote
2014-10-20 16:08:01 ----D---- C:\Program Files\iPod
2014-10-20 16:07:59 ----D---- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-10-20 16:07:59 ----D---- C:\Program Files\iTunes
2014-10-20 16:07:59 ----D---- C:\Program Files (x86)\iTunes
2014-10-17 23:48:53 ----D---- C:\Users\Pavel\AppData\Roaming\Skype
2014-10-17 23:48:46 ----RD---- C:\Program Files (x86)\Skype
2014-10-17 23:48:34 ----D---- C:\ProgramData\Skype
2014-10-15 05:43:47 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-10-15 05:35:16 ----D---- C:\Program Files (x86)\Microsoft ASP.NET
2014-10-15 05:24:31 ----A---- C:\Windows\system32\win32k.sys
2014-10-15 05:23:59 ----A---- C:\Windows\SYSWOW64\MrmCoreR.dll
2014-10-15 05:23:59 ----A---- C:\Windows\system32\MrmCoreR.dll
2014-10-15 05:23:56 ----A---- C:\Windows\system32\winbici.dll
2014-10-15 05:23:44 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2014-10-15 05:23:44 ----A---- C:\Windows\system32\wuaueng.dll
2014-10-15 05:23:44 ----A---- C:\Windows\system32\wuapi.dll
2014-10-15 05:23:43 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2014-10-15 05:23:43 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2014-10-15 05:23:43 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2014-10-15 05:23:43 ----A---- C:\Windows\system32\wuwebv.dll
2014-10-15 05:23:43 ----A---- C:\Windows\system32\WUSettingsProvider.dll
2014-10-15 05:23:43 ----A---- C:\Windows\system32\wups2.dll
2014-10-15 05:23:43 ----A---- C:\Windows\system32\wups.dll
2014-10-15 05:23:43 ----A---- C:\Windows\system32\wudriver.dll
2014-10-15 05:23:43 ----A---- C:\Windows\system32\wucltux.dll
2014-10-15 05:23:43 ----A---- C:\Windows\system32\wuauclt.exe
2014-10-15 05:23:43 ----A---- C:\Windows\system32\wuapp.exe
2014-10-15 05:23:01 ----A---- C:\Windows\system32\mshtml.dll
2014-10-15 05:23:00 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-10-15 05:22:55 ----A---- C:\Windows\system32\jscript9.dll
2014-10-15 05:22:54 ----A---- C:\Windows\system32\ieframe.dll
2014-10-15 05:22:53 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-10-15 05:22:52 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-10-15 05:22:52 ----A---- C:\Windows\system32\iertutil.dll
2014-10-15 05:22:51 ----A---- C:\Windows\system32\wininet.dll
2014-10-15 05:22:50 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-10-15 05:22:50 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-10-15 05:22:49 ----A---- C:\Windows\system32\urlmon.dll
2014-10-15 05:22:48 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-10-15 05:22:48 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-10-15 05:22:48 ----A---- C:\Windows\system32\msfeeds.dll
2014-10-15 05:22:47 ----A---- C:\Windows\system32\iedkcs32.dll
2014-10-15 05:22:46 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-10-15 05:22:46 ----A---- C:\Windows\system32\ie4uinit.exe
2014-10-15 05:22:45 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-10-15 05:22:45 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-10-15 05:22:45 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-10-15 05:22:45 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-10-15 05:22:45 ----A---- C:\Windows\system32\vbscript.dll
2014-10-15 05:22:45 ----A---- C:\Windows\system32\mshtmled.dll
2014-10-15 05:22:45 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-10-15 05:22:45 ----A---- C:\Windows\system32\jscript9diag.dll
2014-10-15 05:22:45 ----A---- C:\Windows\system32\ieapfltr.dll
2014-10-15 05:22:45 ----A---- C:\Windows\system32\dxtrans.dll
2014-10-15 05:22:44 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-10-15 05:22:37 ----A---- C:\Windows\SYSWOW64\rastls.dll
2014-10-15 05:22:37 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-10-15 05:22:37 ----A---- C:\Windows\system32\rastls.dll
2014-10-15 05:22:37 ----A---- C:\Windows\system32\packager.dll
2014-10-15 05:22:36 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-10-15 05:22:36 ----A---- C:\Windows\SYSWOW64\authui.dll
2014-10-15 05:22:36 ----A---- C:\Windows\system32\msi.dll
2014-10-15 05:22:36 ----A---- C:\Windows\system32\authui.dll
2014-10-15 05:22:36 ----A---- C:\Windows\system32\appinfo.dll
2014-10-07 20:50:23 ----A---- C:\Windows\system32\nvspcap64.dll
2014-10-07 20:50:22 ----A---- C:\Windows\SYSWOW64\nvspcap.dll
2014-10-07 16:24:33 ----D---- C:\Windows\SYSWOW64\directx
2014-10-03 16:04:24 ----D---- C:\Program Files\Microsoft.NET
2014-10-02 15:42:22 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2014-10-02 15:34:28 ----D---- C:\Program Files\Common Files\DESIGNER
2014-10-02 15:33:39 ----D---- C:\Program Files (x86)\Microsoft SQL Server
2014-10-02 15:31:46 ----D---- C:\Windows\PCHEALTH
2014-10-02 15:31:46 ----D---- C:\Program Files\Microsoft SQL Server
2014-10-02 15:29:08 ----D---- C:\Program Files\Microsoft Analysis Services
2014-10-02 15:29:07 ----D---- C:\Program Files (x86)\Microsoft Analysis Services
2014-10-02 15:28:48 ----D---- C:\Program Files (x86)\Microsoft Office
2014-10-02 15:28:21 ----D---- C:\Program Files\Microsoft Office
2014-10-02 15:28:02 ----RHD---- C:\MSOCache
2014-10-01 20:57:44 ----D---- C:\Users\Pavel\AppData\Roaming\Steam
2014-10-01 08:06:53 ----A---- C:\Windows\SYSWOW64\javaws.exe
2014-10-01 08:06:45 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-10-01 08:06:45 ----A---- C:\Windows\SYSWOW64\javaw.exe
2014-10-01 08:06:45 ----A---- C:\Windows\SYSWOW64\java.exe
2014-10-01 08:06:38 ----D---- C:\Program Files (x86)\Java
2014-09-26 19:17:33 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2014-09-25 08:52:17 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-09-21 00:11:56 ----D---- C:\Program Files (x86)\EPUB File Reader
2014-09-20 19:09:07 ----D---- C:\Users\Pavel\AppData\Roaming\Xfire
2014-09-20 19:09:00 ----D---- C:\ProgramData\Xfire
2014-09-20 19:08:58 ----D---- C:\Program Files (x86)\Xfire
2014-09-19 16:00:32 ----D---- C:\Program Files (x86)\AGEIA Technologies
2014-09-19 15:58:05 ----A---- C:\Windows\system32\nvdispgenco6434411.dll
2014-09-19 15:58:05 ----A---- C:\Windows\system32\nvdispco6434411.dll
2014-09-19 14:51:56 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2014-09-19 14:51:56 ----A---- C:\Windows\system32\nvaudcap64v.dll
2014-09-19 14:51:56 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2014-09-16 17:53:01 ----D---- C:\Program Files (x86)\Steam
2014-09-15 08:19:26 ----A---- C:\Windows\system32\WSDMon.dll
2014-09-15 08:19:25 ----A---- C:\Windows\system32\tcpmon.dll
2014-09-15 08:19:24 ----A---- C:\Windows\SYSWOW64\explorer.exe
2014-09-15 08:19:24 ----A---- C:\Windows\system32\uDWM.dll
2014-09-15 08:19:24 ----A---- C:\Windows\explorer.exe
2014-09-15 08:19:21 ----A---- C:\Windows\SYSWOW64\UXInit.dll
2014-09-15 08:19:21 ----A---- C:\Windows\SYSWOW64\actxprxy.dll
2014-09-15 08:19:21 ----A---- C:\Windows\system32\UXInit.dll
2014-09-15 08:19:21 ----A---- C:\Windows\system32\actxprxy.dll
2014-09-15 08:19:08 ----A---- C:\Windows\system32\Windows.UI.Xaml.dll
2014-09-15 08:19:04 ----A---- C:\Windows\SYSWOW64\Windows.UI.Xaml.dll
2014-09-15 08:19:01 ----A---- C:\Windows\system32\d3d10warp.dll
2014-09-15 08:18:57 ----A---- C:\Windows\system32\mfcore.dll
2014-09-15 08:18:56 ----A---- C:\Windows\SYSWOW64\mfcore.dll
2014-09-15 08:18:56 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2014-09-15 08:18:55 ----A---- C:\Windows\system32\wlansvc.dll
2014-09-15 08:18:55 ----A---- C:\Windows\system32\gpsvc.dll
2014-09-15 08:18:54 ----A---- C:\Windows\system32\workfolderssvc.dll
2014-09-15 08:18:54 ----A---- C:\Windows\system32\Windows.Media.dll
2014-09-15 08:18:52 ----A---- C:\Windows\SYSWOW64\Windows.Media.dll
2014-09-15 08:18:51 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2014-09-15 08:18:51 ----A---- C:\Windows\system32\WMVDECOD.DLL
2014-09-15 08:18:51 ----A---- C:\Windows\system32\drivers\srv.sys
2014-09-15 08:18:50 ----A---- C:\Windows\system32\SRH.dll
2014-09-15 08:18:50 ----A---- C:\Windows\system32\printui.dll
2014-09-15 08:18:50 ----A---- C:\Windows\system32\mfplat.dll
2014-09-15 08:18:50 ----A---- C:\Windows\system32\drivers\ntfs.sys
2014-09-15 08:18:49 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2014-09-15 08:18:49 ----A---- C:\Windows\system32\drivers\srv2.sys
2014-09-15 08:18:48 ----A---- C:\Windows\system32\XpsPrint.dll
2014-09-15 08:18:48 ----A---- C:\Windows\system32\netcfgx.dll
2014-09-15 08:18:48 ----A---- C:\Windows\system32\mispace.dll
2014-09-15 08:18:47 ----A---- C:\Windows\SYSWOW64\netcfgx.dll
2014-09-15 08:18:47 ----A---- C:\Windows\SYSWOW64\mispace.dll
2014-09-15 08:18:47 ----A---- C:\Windows\system32\WorkfoldersControl.dll
2014-09-15 08:18:47 ----A---- C:\Windows\system32\AppxPackaging.dll
2014-09-15 08:18:46 ----AC---- C:\Windows\system32\drivers\spaceport.sys
2014-09-15 08:18:46 ----A---- C:\Windows\SYSWOW64\SRH.dll
2014-09-15 08:18:46 ----A---- C:\Windows\SYSWOW64\printui.dll
2014-09-15 08:18:46 ----A---- C:\Windows\system32\wlanmsm.dll
2014-09-15 08:18:46 ----A---- C:\Windows\system32\srvsvc.dll
2014-09-15 08:18:46 ----A---- C:\Windows\system32\aclui.dll
2014-09-15 08:18:45 ----A---- C:\Windows\SYSWOW64\aclui.dll
2014-09-15 08:18:45 ----A---- C:\Windows\system32\spoolsv.exe
2014-09-15 08:18:45 ----A---- C:\Windows\system32\mfreadwrite.dll
2014-09-15 08:18:44 ----AC---- C:\Windows\system32\drivers\volsnap.sys
2014-09-15 08:18:44 ----AC---- C:\Windows\system32\drivers\usbccgp.sys
2014-09-15 08:18:44 ----A---- C:\Windows\SYSWOW64\wlanmsm.dll
2014-09-15 08:18:44 ----A---- C:\Windows\SYSWOW64\mfreadwrite.dll
2014-09-15 08:18:44 ----A---- C:\Windows\SYSWOW64\AppxPackaging.dll
2014-09-15 08:18:44 ----A---- C:\Windows\system32\SHCore.dll
2014-09-15 08:18:43 ----A---- C:\Windows\SYSWOW64\Windows.Devices.Bluetooth.dll
2014-09-15 08:18:42 ----A---- C:\Windows\SYSWOW64\SHCore.dll
2014-09-15 08:18:42 ----A---- C:\Windows\SYSWOW64\mftranscode.dll
2014-09-15 08:18:42 ----A---- C:\Windows\system32\storagewmi.dll
2014-09-15 08:18:42 ----A---- C:\Windows\system32\mftranscode.dll
2014-09-15 08:18:41 ----A---- C:\Windows\system32\usbmon.dll
2014-09-15 08:18:41 ----A---- C:\Windows\system32\comdlg32.dll
2014-09-15 08:18:41 ----A---- C:\Windows\system32\clusapi.dll
2014-09-15 08:18:40 ----A---- C:\Windows\system32\wisp.dll
2014-09-15 08:18:40 ----A---- C:\Windows\system32\winload.exe
2014-09-15 08:18:40 ----A---- C:\Windows\system32\WebClnt.dll
2014-09-15 08:18:40 ----A---- C:\Windows\system32\defragsvc.dll
2014-09-15 08:18:39 ----A---- C:\Windows\SYSWOW64\comdlg32.dll
2014-09-15 08:18:39 ----A---- C:\Windows\system32\wsecedit.dll
2014-09-15 08:18:39 ----A---- C:\Windows\system32\winresume.exe
2014-09-15 08:18:38 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2014-09-15 08:18:38 ----A---- C:\Windows\system32\user32.dll
2014-09-15 08:18:38 ----A---- C:\Windows\system32\profsvc.dll
2014-09-15 08:18:38 ----A---- C:\Windows\system32\drivers\srvnet.sys
2014-09-15 08:18:38 ----A---- C:\Windows\system32\drivers\nwifi.sys
2014-09-15 08:18:37 ----A---- C:\Windows\SYSWOW64\clusapi.dll
2014-09-15 08:18:37 ----A---- C:\Windows\system32\wpdbusenum.dll
2014-09-15 08:18:37 ----A---- C:\Windows\system32\winmmbase.dll
2014-09-15 08:18:37 ----A---- C:\Windows\system32\WiFiDisplay.dll
2014-09-15 08:18:36 ----AC---- C:\Windows\system32\drivers\usbhub.sys
2014-09-15 08:18:36 ----A---- C:\Windows\system32\rdpcorets.dll
2014-09-15 08:18:35 ----A---- C:\Windows\SYSWOW64\wlanapi.dll
2014-09-15 08:18:35 ----A---- C:\Windows\SYSWOW64\storagewmi.dll
2014-09-15 08:18:35 ----A---- C:\Windows\SYSWOW64\Display.dll
2014-09-15 08:18:35 ----A---- C:\Windows\system32\VAN.dll
2014-09-15 08:18:35 ----A---- C:\Windows\system32\SettingSync.dll
2014-09-15 08:18:35 ----A---- C:\Windows\system32\conhost.exe
2014-09-15 08:18:35 ----A---- C:\Windows\system32\AppxSip.dll
2014-09-15 08:18:34 ----A---- C:\Windows\SYSWOW64\winmmbase.dll
2014-09-15 08:18:34 ----A---- C:\Windows\system32\WorkFoldersGPExt.dll
2014-09-15 08:18:34 ----A---- C:\Windows\system32\SndVol.exe
2014-09-15 08:18:34 ----A---- C:\Windows\system32\Display.dll
2014-09-15 08:18:33 ----A---- C:\Windows\SYSWOW64\wisp.dll
2014-09-15 08:18:33 ----A---- C:\Windows\system32\osk.exe
2014-09-15 08:18:33 ----A---- C:\Windows\system32\drivers\IPMIDrv.sys
2014-09-15 08:18:32 ----A---- C:\Windows\system32\mfps.dll
2014-09-15 08:18:32 ----A---- C:\Windows\system32\drivers\ndis.sys
2014-09-15 08:18:32 ----A---- C:\Windows\system32\DafPrintProvider.dll
2014-09-15 08:18:32 ----A---- C:\Windows\system32\bcryptprimitives.dll
2014-09-15 08:18:31 ----AC---- C:\Windows\system32\drivers\hdaudbus.sys
2014-09-15 08:18:31 ----A---- C:\Windows\SYSWOW64\bcryptprimitives.dll
2014-09-15 08:18:31 ----A---- C:\Windows\system32\winmm.dll
2014-09-15 08:18:31 ----A---- C:\Windows\system32\drivers\NdisImPlatform.sys
2014-09-15 08:18:31 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2014-09-15 08:18:30 ----A---- C:\Windows\SYSWOW64\wsecedit.dll
2014-09-15 08:18:30 ----A---- C:\Windows\SYSWOW64\AppxSip.dll
2014-09-15 08:18:30 ----A---- C:\Windows\system32\Windows.Networking.dll
2014-09-15 08:18:30 ----A---- C:\Windows\system32\twinapi.dll
2014-09-15 08:18:30 ----A---- C:\Windows\system32\dwmapi.dll
2014-09-15 08:18:29 ----A---- C:\Windows\SYSWOW64\prnntfy.dll
2014-09-15 08:18:29 ----A---- C:\Windows\system32\WorkFoldersShell.dll
2014-09-15 08:18:29 ----A---- C:\Windows\system32\prnntfy.dll
2014-09-15 08:18:29 ----A---- C:\Windows\system32\gpedit.dll
2014-09-15 08:18:29 ----A---- C:\Windows\system32\GdiPlus.dll
2014-09-15 08:18:28 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2014-09-15 08:18:28 ----A---- C:\Windows\SYSWOW64\winmm.dll
2014-09-15 08:18:28 ----A---- C:\Windows\SYSWOW64\puiapi.dll
2014-09-15 08:18:28 ----A---- C:\Windows\system32\puiapi.dll
2014-09-15 08:18:28 ----A---- C:\Windows\system32\ppcsnap.dll
2014-09-15 08:18:27 ----A---- C:\Windows\SYSWOW64\SndVol.exe
2014-09-15 08:18:27 ----A---- C:\Windows\SYSWOW64\dwmapi.dll
2014-09-15 08:18:27 ----A---- C:\Windows\system32\iasnap.dll
2014-09-15 08:18:26 ----AC---- C:\Windows\system32\drivers\pci.sys
2014-09-15 08:18:26 ----A---- C:\Windows\SYSWOW64\VAN.dll
2014-09-15 08:18:25 ----A---- C:\Windows\system32\wcmcsp.dll
2014-09-15 08:18:25 ----A---- C:\Windows\system32\SystemSettingsAdminFlows.exe
2014-09-15 08:18:25 ----A---- C:\Windows\system32\stobject.dll
2014-09-15 08:18:25 ----A---- C:\Windows\system32\drivers\ks.sys
2014-09-15 08:18:25 ----A---- C:\Windows\system32\AppxSysprep.dll
2014-09-15 08:18:24 ----A---- C:\Windows\system32\wwanconn.dll
2014-09-15 08:18:24 ----A---- C:\Windows\system32\dab.dll
2014-09-15 08:18:23 ----A---- C:\Windows\SYSWOW64\iasnap.dll
2014-09-15 08:18:23 ----A---- C:\Windows\SYSWOW64\gpedit.dll
2014-09-15 08:18:23 ----A---- C:\Windows\system32\pmcsnap.dll
2014-09-15 08:18:22 ----A---- C:\Windows\SYSWOW64\rsaenh.dll
2014-09-15 08:18:22 ----A---- C:\Windows\system32\wlanapi.dll
2014-09-15 08:18:22 ----A---- C:\Windows\system32\rsaenh.dll
2014-09-15 08:18:22 ----A---- C:\Windows\system32\ActionCenter.dll
2014-09-15 08:18:19 ----A---- C:\Windows\SYSWOW64\osk.exe
2014-09-15 08:18:19 ----A---- C:\Windows\system32\wshbth.dll
2014-09-15 08:18:18 ----A---- C:\Windows\SYSWOW64\Windows.Networking.dll
2014-09-15 08:18:18 ----A---- C:\Windows\SYSWOW64\SettingSync.dll
2014-09-15 08:18:18 ----A---- C:\Windows\SYSWOW64\DafPrintProvider.dll
2014-09-15 08:18:18 ----A---- C:\Windows\system32\PrintDialogs.dll
2014-09-15 08:18:17 ----A---- C:\Windows\SYSWOW64\wshbth.dll
2014-09-15 08:18:17 ----A---- C:\Windows\system32\wlansvcpal.dll
2014-09-15 08:18:17 ----A---- C:\Windows\system32\Windows.Devices.Bluetooth.dll
2014-09-15 08:18:17 ----A---- C:\Windows\system32\browser.dll
2014-09-15 08:18:16 ----A---- C:\Windows\SYSWOW64\stobject.dll
2014-09-15 08:18:16 ----A---- C:\Windows\SYSWOW64\ActionCenter.dll
2014-09-15 08:18:15 ----A---- C:\Windows\SYSWOW64\wups.dll
2014-09-15 08:18:15 ----A---- C:\Windows\SYSWOW64\KBDRUM.DLL
2014-09-15 08:18:15 ----A---- C:\Windows\system32\KBDRUM.DLL
2014-09-15 08:18:15 ----A---- C:\Windows\system32\Defrag.exe
2014-09-15 08:18:14 ----A---- C:\Windows\SYSWOW64\GdiPlus.dll
2014-09-15 08:18:13 ----A---- C:\Windows\SYSWOW64\user32.dll
2014-09-15 08:18:13 ----A---- C:\Windows\system32\KBDYAK.DLL
2014-09-15 08:18:13 ----A---- C:\Windows\system32\KBDRU1.DLL
2014-09-15 08:18:13 ----A---- C:\Windows\system32\KBDRU.DLL
2014-09-15 08:18:13 ----A---- C:\Windows\system32\KBDBASH.DLL
2014-09-15 08:18:12 ----A---- C:\Windows\SYSWOW64\KBDYAK.DLL
2014-09-15 08:18:12 ----A---- C:\Windows\SYSWOW64\KBDRU1.DLL
2014-09-15 08:18:12 ----A---- C:\Windows\SYSWOW64\KBDRU.DLL
2014-09-15 08:18:12 ----A---- C:\Windows\SYSWOW64\KBDBASH.DLL
2014-09-15 08:18:12 ----A---- C:\Windows\system32\BluetoothApis.dll
2014-09-15 08:18:10 ----AC---- C:\Windows\system32\drivers\bthpan.sys
2014-09-15 08:18:10 ----A---- C:\Windows\SYSWOW64\PrintDialogs.dll
2014-09-15 08:18:09 ----A---- C:\Windows\SYSWOW64\KBDTAT.DLL
2014-09-15 08:18:09 ----A---- C:\Windows\system32\wwanmm.dll
2014-09-15 08:18:09 ----A---- C:\Windows\system32\SndVolSSO.dll
2014-09-15 08:18:09 ----A---- C:\Windows\system32\KBDTAT.DLL
2014-09-15 08:18:09 ----A---- C:\Windows\system32\compstui.dll
2014-09-15 08:18:08 ----A---- C:\Windows\SYSWOW64\BluetoothApis.dll
2014-09-15 08:18:08 ----A---- C:\Windows\system32\wlansec.dll
2014-09-15 08:18:08 ----A---- C:\Windows\system32\rdpudd.dll
2014-09-15 08:18:07 ----A---- C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2014-09-15 08:18:05 ----A---- C:\Windows\SYSWOW64\KBDTT102.DLL
2014-09-15 08:18:05 ----A---- C:\Windows\system32\KBDTT102.DLL
2014-09-14 08:02:28 ----D---- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-12 17:52:35 ----A---- C:\Windows\SYSWOW64\Wldap32.dll
2014-09-12 17:52:35 ----A---- C:\Windows\SYSWOW64\Windows.UI.Search.dll
2014-09-12 17:52:35 ----A---- C:\Windows\SYSWOW64\SearchFolder.dll
2014-09-12 17:52:35 ----A---- C:\Windows\SYSWOW64\propsys.dll
2014-09-12 17:52:35 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2014-09-12 17:52:34 ----AC---- C:\Windows\system32\drivers\USBHUB3.SYS
2014-09-12 17:52:34 ----AC---- C:\Windows\system32\drivers\bthport.sys
2014-09-12 17:52:34 ----A---- C:\Windows\SYSWOW64\WSShared.dll
2014-09-12 17:52:34 ----A---- C:\Windows\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-12 17:52:34 ----A---- C:\Windows\SYSWOW64\SkyDriveShell.dll
2014-09-12 17:52:34 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2014-09-12 17:52:34 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-09-12 17:52:34 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\WSShared.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\Wldap32.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\Windows.UI.Search.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\SystemEventsBrokerServer.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\SyncEngine.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\SkyDriveTelemetry.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\SkyDriveShell.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\SkyDrive.exe
2014-09-12 17:52:34 ----A---- C:\Windows\system32\SearchFolder.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\rdvidcrl.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\ProximityService.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\propsys.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\pcsvDevice.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\ntdll.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\mstscax.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\KernelBase.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\iphlpsvc.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\httpprxm.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\drivers\bridge.sys
2014-09-12 17:52:34 ----A---- C:\Windows\system32\bisrv.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\adhsvc.dll
2014-09-12 17:51:30 ----A---- C:\Windows\system32\drivers\msgpioclx.sys
2014-09-11 07:43:42 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-11 07:43:42 ----A---- C:\Windows\system32\iernonce.dll
2014-09-11 07:43:42 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-09-11 07:43:40 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-09-11 07:43:40 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-09-11 07:43:40 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-09-11 07:43:40 ----A---- C:\Windows\system32\msrating.dll
2014-09-11 07:43:40 ----A---- C:\Windows\system32\jsproxy.dll
2014-09-11 07:43:40 ----A---- C:\Windows\system32\dxtmsft.dll
2014-09-11 07:43:39 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-09-11 07:43:39 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-09-11 07:43:39 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-09-11 07:43:39 ----A---- C:\Windows\system32\ieUnatt.exe
2014-09-11 07:43:39 ----A---- C:\Windows\system32\iesetup.dll
2014-09-11 07:43:38 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-09-11 07:43:38 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-09-11 07:43:38 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-09-11 07:43:38 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-09-11 07:43:38 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-09-11 07:25:29 ----A---- C:\Windows\system32\schedsvc.dll
2014-09-11 07:24:42 ----A---- C:\Windows\SYSWOW64\msvcr120_clr0400.dll
2014-09-11 07:24:42 ----A---- C:\Windows\system32\msvcr120_clr0400.dll
2014-08-14 01:16:18 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2014-08-14 01:16:18 ----A---- C:\Windows\SYSWOW64\dxgi.dll
2014-08-14 01:16:18 ----A---- C:\Windows\system32\rpcrt4.dll
2014-08-14 01:16:18 ----A---- C:\Windows\system32\dxgi.dll
2014-08-14 01:16:18 ----A---- C:\Windows\system32\dwmcore.dll
2014-08-14 01:16:17 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2014-08-14 01:15:30 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe
2014-08-14 01:15:30 ----A---- C:\Windows\system32\TsWpfWrp.exe
2014-08-14 01:15:26 ----A---- C:\Windows\system32\Wpc.dll
2014-08-14 01:15:25 ----A---- C:\Windows\SYSWOW64\Wpc.dll
2014-08-14 01:15:25 ----A---- C:\Windows\system32\WpcWebSync.dll
2014-08-14 01:15:25 ----A---- C:\Windows\system32\WpcMon.exe
2014-08-14 01:14:11 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2014-08-14 01:14:11 ----A---- C:\Windows\system32\msihnd.dll
2014-08-14 01:14:11 ----A---- C:\Windows\system32\consent.exe
2014-08-14 01:13:42 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2014-08-14 01:13:42 ----A---- C:\Windows\system32\gdi32.dll
2014-08-14 01:13:41 ----A---- C:\Windows\system32\MDMAgent.exe
2014-08-10 09:34:18 ----AC---- C:\Windows\system32\drivers\usbuhci.sys
2014-08-10 09:34:18 ----AC---- C:\Windows\system32\drivers\usbport.sys
2014-08-10 09:34:18 ----AC---- C:\Windows\system32\drivers\usbehci.sys
2014-08-10 09:34:18 ----AC---- C:\Windows\system32\drivers\usbd.sys
2014-08-10 09:34:18 ----A---- C:\Windows\SYSWOW64\gpprefcl.dll
2014-08-10 09:34:18 ----A---- C:\Windows\SYSWOW64\DaOtpCredentialProvider.dll
2014-08-10 09:34:18 ----A---- C:\Windows\system32\WUDFSvc.dll
2014-08-10 09:34:18 ----A---- C:\Windows\system32\WUDFPlatform.dll
2014-08-10 09:34:18 ----A---- C:\Windows\system32\WUDFHost.exe
2014-08-10 09:34:18 ----A---- C:\Windows\system32\hal.dll
2014-08-10 09:34:18 ----A---- C:\Windows\system32\gpprefcl.dll
2014-08-10 09:34:18 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2014-08-10 09:34:18 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2014-08-10 09:34:18 ----A---- C:\Windows\system32\DaOtpCredentialProvider.dll
2014-08-10 09:34:18 ----A---- C:\Windows\system32\cscui.dll
2014-07-30 16:00:17 ----A---- C:\Windows\SYSWOW64\SETA0E4.tmp
2014-07-30 16:00:17 ----A---- C:\Windows\system32\SET7FCD.tmp
2014-07-30 16:00:16 ----A---- C:\Windows\SYSWOW64\SET9585.tmp
2014-07-30 16:00:16 ----A---- C:\Windows\SYSWOW64\SET94D7.tmp
2014-07-30 16:00:16 ----A---- C:\Windows\system32\SET73C2.tmp
2014-07-30 16:00:16 ----A---- C:\Windows\system32\SET6515.tmp
2014-07-30 16:00:16 ----A---- C:\Windows\system32\nvdispgenco6434052.dll
2014-07-30 16:00:16 ----A---- C:\Windows\system32\nvdispco6434052.dll
2014-07-28 14:52:00 ----A---- C:\Windows\system32\usbaaplrc.dll
2014-07-28 14:52:00 ----A---- C:\Windows\system32\drivers\usbaapl64.sys
======List of files/folders modified in the last 3 months======
2014-10-25 14:04:59 ----D---- C:\Windows\Prefetch
2014-10-25 14:04:55 ----D---- C:\Program Files
2014-10-25 14:01:52 ----D---- C:\Windows\Temp
2014-10-25 14:00:01 ----D---- C:\Windows\system32\sru
2014-10-25 13:54:49 ----RD---- C:\Windows\System32
2014-10-25 13:54:49 ----D---- C:\Windows\Inf
2014-10-25 13:54:49 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-10-25 13:50:28 ----D---- C:\Windows
2014-10-25 13:36:40 ----D---- C:\Windows\SysWOW64
2014-10-25 13:35:41 ----RD---- C:\Program Files (x86)
2014-10-25 13:25:28 ----D---- C:\Windows\Tasks
2014-10-25 13:25:28 ----D---- C:\Windows\system32\Tasks
2014-10-25 12:57:18 ----HD---- C:\ProgramData
2014-10-25 12:52:23 ----D---- C:\Users\Pavel\AppData\Roaming\vlc
2014-10-25 12:29:01 ----SD---- C:\ProgramData\Microsoft
2014-10-25 11:40:02 ----D---- C:\Windows\system32\catroot2
2014-10-25 11:33:15 ----D---- C:\Windows\system32\drivers
2014-10-25 11:00:59 ----D---- C:\ProgramData\ProductData
2014-10-25 11:00:57 ----D---- C:\ProgramData\IObit
2014-10-25 10:57:11 ----D---- C:\Windows\SoftwareDistribution
2014-10-25 10:57:11 ----D---- C:\Windows\debug
2014-10-25 10:55:44 ----D---- C:\Windows\system32\wdi
2014-10-25 10:52:01 ----SHD---- C:\Windows\Installer
2014-10-25 10:51:46 ----D---- C:\Program Files (x86)\WinRAR
2014-10-25 10:51:24 ----D---- C:\Program Files\Common Files\System
2014-10-25 10:47:04 ----D---- C:\Windows\system32\config
2014-10-25 10:25:22 ----D---- C:\Windows\rescache
2014-10-25 10:18:10 ----D---- C:\Windows\Microsoft.NET
2014-10-25 10:03:40 ----D---- C:\Windows\WinSxS
2014-10-25 10:02:15 ----D---- C:\Windows\system32\DriverStore
2014-10-25 10:01:04 ----D---- C:\Windows\CbsTemp
2014-10-25 09:50:14 ----RD---- C:\Windows\ToastData
2014-10-25 09:50:14 ----RD---- C:\Windows\ImmersiveControlPanel
2014-10-25 09:50:14 ----D---- C:\Windows\apppatch
2014-10-25 09:49:33 ----SHD---- C:\System Volume Information
2014-10-25 09:45:06 ----D---- C:\Users\Pavel\AppData\Roaming\Winamp
2014-10-25 09:40:01 ----D---- C:\Program Files (x86)\SystemRequirementsLab
2014-10-25 09:38:12 ----D---- C:\Users\Pavel\AppData\Roaming\uTorrent
2014-10-23 19:21:15 ----D---- C:\ProgramData\NVIDIA
2014-10-22 21:16:17 ----SD---- C:\Users\Pavel\AppData\Roaming\Microsoft
2014-10-21 11:31:17 ----D---- C:\Windows\AppReadiness
2014-10-21 11:31:16 ----HD---- C:\Program Files\WindowsApps
2014-10-20 16:08:00 ----D---- C:\Program Files\Common Files\Apple
2014-10-20 04:34:55 ----RSD---- C:\Windows\assembly
2014-10-19 19:51:10 ----D---- C:\ProgramData\Microsoft Help
2014-10-18 17:45:55 ----D---- C:\Windows\MediaViewer
2014-10-18 17:45:55 ----D---- C:\Windows\FileManager
2014-10-18 17:45:55 ----D---- C:\Windows\Camera
2014-10-18 17:45:53 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-10-18 17:45:53 ----D---- C:\Program Files\Internet Explorer
2014-10-18 17:45:53 ----D---- C:\Program Files (x86)\Internet Explorer
2014-10-18 17:45:52 ----D---- C:\Windows\system32\cs-CZ
2014-10-17 23:48:47 ----D---- C:\Program Files (x86)\Common Files
2014-10-16 16:11:40 ----A---- C:\Windows\system32\nvsvc64.dll
2014-10-16 16:11:40 ----A---- C:\Windows\system32\nvcpl.dll
2014-10-16 16:11:36 ----A---- C:\Windows\system32\nvvsvc.exe
2014-10-16 16:11:36 ----A---- C:\Windows\system32\nvsvcr.dll
2014-10-16 16:11:36 ----A---- C:\Windows\system32\nvmctray.dll
2014-10-16 16:11:36 ----A---- C:\Windows\system32\nv3dappshext.dll
2014-10-15 05:45:07 ----A---- C:\Windows\win.ini
2014-10-15 05:42:54 ----D---- C:\Windows\system32\MRT
2014-10-15 05:39:40 ----A---- C:\Windows\system32\MRT.exe
2014-10-15 05:38:45 ----RSD---- C:\Windows\Fonts
2014-10-13 17:59:34 ----D---- C:\Program Files (x86)\Origin Games
2014-10-10 18:37:32 ----D---- C:\ProgramData\Origin
2014-10-10 18:06:58 ----D---- C:\Users\Pavel\AppData\Roaming\NVIDIA
2014-10-10 18:06:40 ----D---- C:\Program Files (x86)\Origin
2014-10-09 15:33:21 ----D---- C:\Windows\Logs
2014-10-04 08:42:47 ----A---- C:\Windows\SYSWOW64\nvspbridge.dll
2014-10-04 08:41:43 ----A---- C:\Windows\system32\nvspbridge64.dll
2014-10-03 16:04:24 ----D---- C:\Program Files (x86)\Microsoft.NET
2014-10-03 16:04:23 ----D---- C:\Program Files\Common Files\microsoft shared
2014-10-02 15:41:39 ----D---- C:\Windows\ShellNew
2014-10-02 15:34:28 ----D---- C:\Program Files\Common Files
2014-10-02 15:33:09 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2014-10-02 15:21:46 ----D---- C:\Program Files (x86)\MSBuild
2014-10-01 08:07:04 ----D---- C:\ProgramData\Oracle
2014-09-29 13:02:22 ----D---- C:\Program Files\CCleaner
2014-09-26 19:12:19 ----D---- C:\Program Files (x86)\Battlelog Web Plugins
2014-09-26 19:01:33 ----D---- C:\Users\Pavel\AppData\Roaming\Origin
2014-09-21 20:19:40 ----D---- C:\Windows\system32\NDF
2014-09-20 09:04:08 ----D---- C:\Windows\SYSWOW64\wbem
2014-09-20 09:04:08 ----D---- C:\Windows\SYSWOW64\setup
2014-09-20 09:04:08 ----D---- C:\Windows\system32\wbem
2014-09-20 09:04:08 ----D---- C:\Windows\system32\setup
2014-09-20 09:04:08 ----D---- C:\Windows\system32\oobe
2014-09-20 09:04:08 ----D---- C:\Windows\system32\drivers\cs-CZ
2014-09-20 09:04:08 ----D---- C:\Windows\system32\Boot
2014-09-20 09:04:08 ----D---- C:\Windows\PolicyDefinitions
2014-09-20 09:04:08 ----D---- C:\Program Files\Windows Journal
2014-09-20 09:04:07 ----D---- C:\Windows\SYSWOW64\InputMethod
2014-09-19 20:37:25 ----D---- C:\Windows\LiveKernelReports
2014-09-19 18:28:21 ----D---- C:\Users\Pavel\AppData\Roaming\Apple Computer
2014-09-19 16:00:32 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2014-09-19 15:47:06 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-19 14:52:57 ----D---- C:\Program Files\NVIDIA Corporation
2014-09-14 08:00:06 ----D---- C:\Windows\system32\catroot
2014-09-12 17:56:14 ----D---- C:\Windows\WinStore
2014-09-12 17:56:13 ----D---- C:\Windows\SYSWOW64\migration
2014-09-12 17:56:13 ----D---- C:\Windows\system32\migration
2014-09-12 17:52:34 ----A---- C:\Windows\SYSWOW64\PrintConfig.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-07-05 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-07-05 224896]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2014-10-16 30408]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-07-05 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-07-05 1041168]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-07-05 427360]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2013-10-23 129944]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-07-05 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-07-05 79184]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-07-05 92008]
R3 athr;@oem23.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athwbx.sys [2013-08-14 3837440]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2014-01-28 593000]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\Windows\System32\drivers\BthEnum.sys [2013-08-22 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\System32\drivers\BthLEEnum.sys [2013-12-04 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2014-07-24 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2014-01-31 81920]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 HIDSwitch;@oem2.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control; C:\Windows\System32\drivers\AsHIDSwitch64.sys [2013-11-04 20280]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2013-10-01 4177920]
R3 iwdbus;@oem10.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2013-08-23 26008]
R3 MEIx64;@oem1.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\System32\drivers\HECIx64.sys [2012-07-17 62784]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2014-10-16 13190288]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-10-04 20288]
R3 nvvad_WaveExtensible;@oem24.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-09-04 38048]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2014-01-27 167424]
R3 RTL8168;@oem20.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2013-11-29 838872]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2013-08-28 34544]
R3 SynTP;@oem39.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2013-08-28 524528]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-08-22 212224]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S2 sbmntr;SBMNTR; C:\Windows\system32\drivers\sbmntr.sys []
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2014-09-12 1200640]
S3 dg_ssudbus;@oem33.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 dot4;@oem29.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2012-10-19 151968]
S3 Dot4Print;@oem30.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; C:\Windows\System32\drivers\Dot4Prt.sys [2012-10-19 27040]
S3 dot4usb;@oem29.inf,%DOT4USB_NAME%;Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2012-10-19 49056]
S3 intaud_WaveExtensible;@oem9.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2013-08-23 39320]
S3 MBAMSwissArmy;MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys []
S3 ssudmdm;@oem34.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 tap0901;@oem4.inf,%DeviceDescription%;TAP-Windows Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2013-08-22 40664]
S3 USBAAPL64;@oem44.inf,%USBAAPL64.SvcDesc%;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2014-07-28 54784]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-08-22 44544]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-10-07 60744]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-07-05 50344]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2014-10-04 1149760]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-10-04 1796928]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-10-04 19440960]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-10-16 933064]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-06-28 76152]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-10-15 643880]
S2 globalUpdate;globalUpdate Update Service (globalUpdate); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-10-25 68608]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2014-05-04 2152736]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-09 267440]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2013-10-01 279000]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 globalUpdatem;globalUpdate Update Service (globalUpdatem); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-10-25 68608]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-09-25 114288]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 178760]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-09-23 833728]
-----------------EOF-----------------
Thank you!
Re: Log check
I wish you a pleasant Saturday afternoon,
As part of the cleanup, your temporary folders (including the Recycle Bin) will be emptied.
Download AdwCleaner and save it to your desktop: https://toolslib.net/downloads/viewdown ... dwcleaner/
Save zoek.exe to your desktop: http://hijackthis.nl/smeenk/zoek.htm
Uninstall:
- everything from IObit (if anything is still left on the PC)
- Spybot - Search & Destroy


- close all programs,
- right-click the AdwCleaner icon and choose Run as administrator (on Win XP just start it with a normal double-click),
- click Scan, then Clean,
- after the restart a log will pop up (or you can find it in C:\AdwCleaner\AdwCleaner [Sx].txt); copy its contents into your next reply.

- run it as administrator
- copy the script shown below into the large window
- click Run script
- after the restart a log will pop up (or you can find it in C:\zoek-results.log); paste it into your next reply
autoclean; emptyclsid; iedefaults; FFdefaults; CHRdefaults; emptyalltemp; resethosts;
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suited to the forum, you can use altrok(at)forum.viry.cz
If you would like to help visitors to this forum, sign up for our training school.
Re: Log check
So, here is the log from AdwCleaner:
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{03C0AC00-86DE-4B55-81BA-2E7CD61C51B1}
Key Found : HKLM\SOFTWARE\Classes\ShopperPro.ShopperProBHO
Key Found : HKLM\SOFTWARE\Classes\ShopperPro.ShopperProBHO.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{8FB1A663-2820-468B-95C4-5060A4C5F413}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Found : HKLM\SOFTWARE\ShopperPro
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{03C0AC00-86DE-4B55-81BA-2E7CD61C51B1}
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17344
-\\ Mozilla Firefox v32.0.3 (x86 cs)
*************************
AdwCleaner[R0].txt - [2032 octets] - [25/10/2014 18:04:37]
AdwCleaner[R1].txt - [1756 octets] - [25/10/2014 19:32:04]
########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [1816 octets] ##########
and here is the log from Zoek:
Zoek.exe v5.0.0.0 Updated 24-10-2014
Tool run by Pavel on so 25. 10. 2014 at 18:08:00,40.
Microsoft Windows 8.1 Pro 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Pavel\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
25. 10. 2014 18:08:49 Zoek.exe System Restore Point Created Succesfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
127.0.0.1 localhost
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\7cqei6d7.default\prefs.js:
user_pref("browser.startup.homepage", "www.google.com");
user_pref("browser.search.defaulturl", "https://www.google.com/search");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "https://www.google.com/search");
Added to C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\7cqei6d7.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
ProfilePath: C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\7cqei6d7.default
user.js not found
---- Lines CT1750559 removed from prefs.js ----
user_pref("CT1750559.dum", "2");
user_pref("CT1750559.FF19Solved", "true");
user_pref("CT1750559.fullUserID", "UN13162082431299720.IN.20140510112259");
user_pref("CT1750559.installDate", "10/05/2014 11:23:01");
user_pref("CT1750559.installerVersion", "1.11.0.9");
user_pref("CT1750559.installSessionId", "7c70ed54-2780-4f19-af02-1c32a5a1f6af");
user_pref("CT1750559.installSp", "FALSE");
user_pref("CT1750559.installUsage", "10/05/2014 11:24:26");
user_pref("CT1750559.installUsageEarly", "10/05/2014 11:24:26");
user_pref("CT1750559.searchRevert", "false");
user_pref("CT1750559.searchUninstallUserMode", "1");
user_pref("CT1750559.searchUserMode", "1");
user_pref("CT1750559.toolbarInstallDate", "10-05-2014 11:22:59");
user_pref("CT1750559.UserID", "UN13162082431299720");
user_pref("CT1750559.versionFromInstaller", "10.30.1.2");
user_pref("CT1750559.xpeMode", "1");
---- Lines smartbar removed from prefs.js ----
user_pref("smartbar.machineId", "MN1SZWJRXJYVAUIUGHNHCUXRS+XEFRXMM0GWI/BWA5DOSVF7EOW6CRQAFIQ/7S5PKDEBRAUM6NV6KWRQCLA02W");
---- FireFox user.js and prefs.js backups ----
prefs_201425.10._1913_.backup
==== Deleting Files \ Folders ======================
C:\PROGRA~3\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} deleted
C:\PROGRA~3\ProductData deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Pavel\AppData\Local\CrashRpt deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Users\Public\Documents\ShopperPro deleted
C:\Windows\wininit.ini deleted
C:\windows\SysNative\tasks\Microsoft\Windows\Maintenance\SMupdate2 deleted
C:\windows\SysNative\tasks\Microsoft\Windows\Multimedia\SMupdate3 deleted
C:\Windows\Syswow64\SET23D7.tmp deleted
C:\Windows\Syswow64\SET2A26.tmp deleted
C:\Windows\Syswow64\SET2A47.tmp deleted
C:\Windows\Syswow64\SET3057.tmp deleted
C:\Windows\Syswow64\SET5413.tmp deleted
C:\Windows\Syswow64\SET5A43.tmp deleted
C:\Windows\Syswow64\SET5A64.tmp deleted
C:\Windows\Syswow64\SET60A3.tmp deleted
C:\Windows\Syswow64\SET62E7.tmp deleted
C:\Windows\Syswow64\SET94D7.tmp deleted
C:\Windows\Syswow64\SET9585.tmp deleted
C:\Windows\Syswow64\SETA0E4.tmp deleted
C:\Windows\Syswow64\SETE17A.tmp deleted
C:\Windows\Syswow64\SETE7BA.tmp deleted
C:\Windows\Syswow64\SETE80A.tmp deleted
C:\Windows\Syswow64\SETEDFA.tmp deleted
C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\7cqei6d7.default\CT1750559 deleted
"C:\Windows\tasks\EYSKI.job" deleted
"C:\Windows\SysNative\tasks\EYSKI" deleted
"C:\Windows\tasks\MSMFS.job" deleted
"C:\Windows\SysNative\tasks\MSMFS" deleted
"C:\Windows\tasks\OTWLPAX.job" deleted
"C:\Windows\SysNative\tasks\OTWLPAX" deleted
"C:\Windows\tasks\PGBUATNB.job" deleted
"C:\Windows\SysNative\tasks\PGBUATNB" deleted
"C:\PROGRA~2\Windows Portable Devices" deleted
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [05. 07. 2014 14:12]
==== Firefox Extensions ======================
ProfilePath: C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\7cqei6d7.default
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\7cqei6d7.default
DFC9460CC37E5C414DC4680B10C19E7A - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll - Shockwave Flash
==== Chromium Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[05. 07. 2014 14:11]
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://www.google.com/search?q={searchT ... d=ie7&rlz="
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IESR02"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... d=ie7&rlz="
==== Reset Google Chrome ======================
Nothing found to reset
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Pavel\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
C:\Users\Pavel\AppData\Local\Mozilla\Firefox\Profiles\7cqei6d7.default\cache2 emptied successfully
==== Empty Chrome Cache ======================
No Chrome User Data found
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=50 folders=24 100543894 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Pavel\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Pavel\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on so 25. 10. 2014 at 19:28:34,77 ======================
Re: Log check
Post a new RSIT log.
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suited to the forum, you can use altrokzavináčforum.viry.cz
If you would like to help visitors of this forum, sign up for our training school.
Re: Log check
Logfile of random's system information tool 1.10 (written by random/random)
Run by Pavel at 2014-10-25 20:02:49
Microsoft Windows 8.1 Pro
System drive C: has 27 GB (27%) free of 100 GB
Total RAM: 8078 MB (87% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:02:52, on 25. 10. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\trend micro\Pavel.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - Startup: EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
O4 - Startup: EvernoteTray.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\Microsoft Office\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Nová poznámka - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\Microsoft Office\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - Unknown owner - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe (file missing)
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
--
End of file - 9323 bytes
======Listing Processes======
wininit.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"dwm.exe"
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
dashost.exe {7ce8a380-376e-4e4f-8ccabb388846cab4}
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss b7117199-a717-4e90-be4d-04b8c87d4b85 1
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe 0x4
taskhostex.exe
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\System32\skydrive.exe -Embedding
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Windows\system32\igfxsrvc.exe" -Embedding
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 556 560 568 65536 564
"C:\Users\Pavel\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\7cqei6d7.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.google.com"
prefs.js - "keyword.URL" - "http://www.google.com/search?btnG=Google+Search&q="
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.152 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.5.1]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.67.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\Microsoft Office\Office15\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.152 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/npbattlelog,version=2.5.1]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\Microsoft Office\Office15\NPSPWRAP.DLL
C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\7cqei6d7.default\searchplugins\
Google.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-09-25 218784]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-07-05 612248]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\Microsoft Office\Office15\GROOVEEX.DLL [2014-09-16 2334416]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-10-01 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-07-05 457712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}]
Evernote extension - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-08-26 626528]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-10-01 171944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2013-10-01 391128]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2013-10-01 771032]
"Persistence"=C:\Windows\system32\igfxpers.exe [2013-10-01 769496]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-10-04 2463552]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2014-10-04 2800296]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-07-30 4085896]
"PWRISOVM.EXE"=C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [2013-10-23 337432]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-07-25 256896]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-10-15 157480]
C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
EvernoteClipper.lnk - C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
EvernoteTray.lnk - C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2013-10-01 623104]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.XFR1"=xfcodec64.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 3 months======
2014-10-25 20:02:49 ----D---- C:\rsit
2014-10-25 20:02:49 ----D---- C:\Program Files\trend micro
2014-10-25 19:28:44 ----SHD---- C:\$RECYCLE.BIN
2014-10-25 19:25:38 ----A---- C:\Windows\zoek-delete.exe
2014-10-25 19:25:36 ----D---- C:\Windows\Temp
2014-10-25 18:03:21 ----D---- C:\AdwCleaner
2014-10-25 14:33:02 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2014-10-25 14:16:57 ----D---- C:\ProgramData\Loaris
2014-10-25 14:11:30 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-25 14:11:30 ----A---- C:\Windows\system32\drivers\mwac.sys
2014-10-25 14:11:30 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2014-10-25 14:11:30 ----A---- C:\Windows\system32\drivers\mbam.sys
2014-10-25 13:35:46 ----A---- C:\Windows\SYSWOW64\wbhelp2.dll
2014-10-25 13:35:44 ----A---- C:\Windows\SYSWOW64\W95INF32.DLL
2014-10-25 13:35:44 ----A---- C:\Windows\SYSWOW64\W95INF16.DLL
2014-10-25 13:35:44 ----A---- C:\Windows\SYSWOW64\unicows.dll
2014-10-25 13:35:44 ----A---- C:\Windows\SYSWOW64\anim.dll
2014-10-25 13:35:41 ----D---- C:\Program Files (x86)\WinUtilities
2014-10-25 12:57:07 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2014-10-25 11:47:07 ----D---- C:\ProgramData\Spybot - Search & Destroy
2014-10-25 11:33:15 ----A---- C:\Windows\system32\drivers\stflt.sys
2014-10-25 10:01:12 ----D---- C:\Program Files\Microsoft Silverlight
2014-10-25 10:01:12 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-10-25 09:46:30 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2014-10-25 09:46:30 ----A---- C:\Windows\SYSWOW64\untfs.dll
2014-10-25 09:46:30 ----A---- C:\Windows\SYSWOW64\twinui.dll
2014-10-25 09:46:30 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-10-25 09:46:30 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-10-25 09:46:30 ----A---- C:\Windows\SYSWOW64\puiobj.dll
2014-10-25 09:46:30 ----A---- C:\Windows\SYSWOW64\mfmp4srcsnk.dll
2014-10-25 09:46:30 ----A---- C:\Windows\SYSWOW64\MFMediaEngine.dll
2014-10-25 09:46:30 ----A---- C:\Windows\SYSWOW64\FXSAPI.dll
2014-10-25 09:46:30 ----A---- C:\Windows\SYSWOW64\certcli.dll
2014-10-25 09:46:30 ----A---- C:\Windows\system32\WsmSvc.dll
2014-10-25 09:46:30 ----A---- C:\Windows\system32\win32spl.dll
2014-10-25 09:46:30 ----A---- C:\Windows\system32\untfs.dll
2014-10-25 09:46:30 ----A---- C:\Windows\system32\twinui.dll
2014-10-25 09:46:30 ----A---- C:\Windows\system32\schannel.dll
2014-10-25 09:46:30 ----A---- C:\Windows\system32\shell32.dll
2014-10-25 09:46:30 ----A---- C:\Windows\system32\SettingsHandlers.dll
2014-10-25 09:46:30 ----A---- C:\Windows\system32\puiobj.dll
2014-10-25 09:46:30 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-10-25 09:46:30 ----A---- C:\Windows\system32\mfmp4srcsnk.dll
2014-10-25 09:46:30 ----A---- C:\Windows\system32\MFMediaEngine.dll
2014-10-25 09:46:30 ----A---- C:\Windows\system32\lsasrv.dll
2014-10-25 09:46:30 ----A---- C:\Windows\system32\localspl.dll
2014-10-25 09:46:30 ----A---- C:\Windows\system32\FXSCOMEX.dll
2014-10-25 09:46:30 ----A---- C:\Windows\system32\FXSAPI.dll
2014-10-25 09:46:30 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2014-10-25 09:46:30 ----A---- C:\Windows\system32\drivers\tcpip.sys
2014-10-25 09:46:30 ----A---- C:\Windows\system32\drivers\netio.sys
2014-10-25 09:46:30 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-10-25 09:46:30 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2014-10-25 09:46:30 ----A---- C:\Windows\system32\drivers\cng.sys
2014-10-25 09:46:30 ----A---- C:\Windows\system32\certcli.dll
2014-10-23 19:21:17 ----D---- C:\Windows\SYSWOW64\NV
2014-10-23 19:21:17 ----D---- C:\Windows\system32\NV
2014-10-23 19:21:04 ----A---- C:\Windows\system32\nvshext.dll
2014-10-23 19:21:04 ----A---- C:\Windows\system32\nv3dappshextr.dll
2014-10-23 19:19:32 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2014-10-23 19:19:32 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2014-10-23 19:19:32 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2014-10-23 19:19:32 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2014-10-23 19:19:32 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2014-10-23 19:19:32 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2014-10-23 19:19:32 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2014-10-23 19:19:32 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2014-10-23 19:19:32 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2014-10-23 19:19:32 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2014-10-23 19:19:32 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2014-10-23 19:19:32 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2014-10-23 19:19:32 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2014-10-23 19:19:32 ----A---- C:\Windows\system32\nvwgf2umx.dll
2014-10-23 19:19:32 ----A---- C:\Windows\system32\nvumdshimx.dll
2014-10-23 19:19:32 ----A---- C:\Windows\system32\nvopencl.dll
2014-10-23 19:19:32 ----A---- C:\Windows\system32\nvoglv64.dll
2014-10-23 19:19:32 ----A---- C:\Windows\system32\nvoglshim64.dll
2014-10-23 19:19:32 ----A---- C:\Windows\system32\nvinitx.dll
2014-10-23 19:19:32 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2014-10-23 19:19:32 ----A---- C:\Windows\system32\NvIFR64.dll
2014-10-23 19:19:32 ----A---- C:\Windows\system32\NvFBC64.dll
2014-10-23 19:19:32 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2014-10-23 19:19:32 ----A---- C:\Windows\system32\nvdispgenco6434448.dll
2014-10-23 19:19:32 ----A---- C:\Windows\system32\nvdispco6434448.dll
2014-10-23 19:19:32 ----A---- C:\Windows\system32\nvd3dumx.dll
2014-10-23 19:19:32 ----A---- C:\Windows\system32\nvcuvid.dll
2014-10-23 19:19:32 ----A---- C:\Windows\system32\nvcuda.dll
2014-10-23 19:19:32 ----A---- C:\Windows\system32\drivers\nvpciflt.sys
2014-10-23 19:19:32 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2014-10-23 19:19:31 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2014-10-23 19:19:31 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2014-10-23 19:19:31 ----A---- C:\Windows\system32\nvcompiler.dll
2014-10-23 19:19:31 ----A---- C:\Windows\system32\nvapi64.dll
2014-10-23 19:16:35 ----D---- C:\Program Files (x86)\Evernote
2014-10-20 16:08:01 ----D---- C:\Program Files\iPod
2014-10-20 16:07:59 ----D---- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-10-20 16:07:59 ----D---- C:\Program Files\iTunes
2014-10-20 16:07:59 ----D---- C:\Program Files (x86)\iTunes
2014-10-17 23:48:53 ----D---- C:\Users\Pavel\AppData\Roaming\Skype
2014-10-17 23:48:46 ----RD---- C:\Program Files (x86)\Skype
2014-10-17 23:48:34 ----D---- C:\ProgramData\Skype
2014-10-15 05:43:47 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-10-15 05:35:16 ----D---- C:\Program Files (x86)\Microsoft ASP.NET
2014-10-15 05:24:31 ----A---- C:\Windows\system32\win32k.sys
2014-10-15 05:23:59 ----A---- C:\Windows\SYSWOW64\MrmCoreR.dll
2014-10-15 05:23:59 ----A---- C:\Windows\system32\MrmCoreR.dll
2014-10-15 05:23:56 ----A---- C:\Windows\system32\winbici.dll
2014-10-15 05:23:44 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2014-10-15 05:23:44 ----A---- C:\Windows\system32\wuaueng.dll
2014-10-15 05:23:44 ----A---- C:\Windows\system32\wuapi.dll
2014-10-15 05:23:43 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2014-10-15 05:23:43 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2014-10-15 05:23:43 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2014-10-15 05:23:43 ----A---- C:\Windows\system32\wuwebv.dll
2014-10-15 05:23:43 ----A---- C:\Windows\system32\WUSettingsProvider.dll
2014-10-15 05:23:43 ----A---- C:\Windows\system32\wups2.dll
2014-10-15 05:23:43 ----A---- C:\Windows\system32\wups.dll
2014-10-15 05:23:43 ----A---- C:\Windows\system32\wudriver.dll
2014-10-15 05:23:43 ----A---- C:\Windows\system32\wucltux.dll
2014-10-15 05:23:43 ----A---- C:\Windows\system32\wuauclt.exe
2014-10-15 05:23:43 ----A---- C:\Windows\system32\wuapp.exe
2014-10-15 05:23:01 ----A---- C:\Windows\system32\mshtml.dll
2014-10-15 05:23:00 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-10-15 05:22:55 ----A---- C:\Windows\system32\jscript9.dll
2014-10-15 05:22:54 ----A---- C:\Windows\system32\ieframe.dll
2014-10-15 05:22:53 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-10-15 05:22:52 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-10-15 05:22:52 ----A---- C:\Windows\system32\iertutil.dll
2014-10-15 05:22:51 ----A---- C:\Windows\system32\wininet.dll
2014-10-15 05:22:50 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-10-15 05:22:50 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-10-15 05:22:49 ----A---- C:\Windows\system32\urlmon.dll
2014-10-15 05:22:48 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-10-15 05:22:48 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-10-15 05:22:48 ----A---- C:\Windows\system32\msfeeds.dll
2014-10-15 05:22:47 ----A---- C:\Windows\system32\iedkcs32.dll
2014-10-15 05:22:46 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-10-15 05:22:46 ----A---- C:\Windows\system32\ie4uinit.exe
2014-10-15 05:22:45 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-10-15 05:22:45 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-10-15 05:22:45 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-10-15 05:22:45 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-10-15 05:22:45 ----A---- C:\Windows\system32\vbscript.dll
2014-10-15 05:22:45 ----A---- C:\Windows\system32\mshtmled.dll
2014-10-15 05:22:45 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-10-15 05:22:45 ----A---- C:\Windows\system32\jscript9diag.dll
2014-10-15 05:22:45 ----A---- C:\Windows\system32\ieapfltr.dll
2014-10-15 05:22:45 ----A---- C:\Windows\system32\dxtrans.dll
2014-10-15 05:22:44 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-10-15 05:22:37 ----A---- C:\Windows\SYSWOW64\rastls.dll
2014-10-15 05:22:37 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-10-15 05:22:37 ----A---- C:\Windows\system32\rastls.dll
2014-10-15 05:22:37 ----A---- C:\Windows\system32\packager.dll
2014-10-15 05:22:36 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-10-15 05:22:36 ----A---- C:\Windows\SYSWOW64\authui.dll
2014-10-15 05:22:36 ----A---- C:\Windows\system32\msi.dll
2014-10-15 05:22:36 ----A---- C:\Windows\system32\authui.dll
2014-10-15 05:22:36 ----A---- C:\Windows\system32\appinfo.dll
2014-10-07 20:50:23 ----A---- C:\Windows\system32\nvspcap64.dll
2014-10-07 20:50:22 ----A---- C:\Windows\SYSWOW64\nvspcap.dll
2014-10-07 16:24:33 ----D---- C:\Windows\SYSWOW64\directx
2014-10-03 16:04:24 ----D---- C:\Program Files\Microsoft.NET
2014-10-02 15:42:22 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2014-10-02 15:34:28 ----D---- C:\Program Files\Common Files\DESIGNER
2014-10-02 15:33:39 ----D---- C:\Program Files (x86)\Microsoft SQL Server
2014-10-02 15:31:46 ----D---- C:\Windows\PCHEALTH
2014-10-02 15:31:46 ----D---- C:\Program Files\Microsoft SQL Server
2014-10-02 15:29:08 ----D---- C:\Program Files\Microsoft Analysis Services
2014-10-02 15:29:07 ----D---- C:\Program Files (x86)\Microsoft Analysis Services
2014-10-02 15:28:48 ----D---- C:\Program Files (x86)\Microsoft Office
2014-10-02 15:28:21 ----D---- C:\Program Files\Microsoft Office
2014-10-02 15:28:02 ----RHD---- C:\MSOCache
2014-10-01 20:57:44 ----D---- C:\Users\Pavel\AppData\Roaming\Steam
2014-10-01 08:06:53 ----A---- C:\Windows\SYSWOW64\javaws.exe
2014-10-01 08:06:45 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-10-01 08:06:45 ----A---- C:\Windows\SYSWOW64\javaw.exe
2014-10-01 08:06:45 ----A---- C:\Windows\SYSWOW64\java.exe
2014-10-01 08:06:38 ----D---- C:\Program Files (x86)\Java
2014-09-26 19:17:33 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2014-09-25 08:52:17 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-09-21 00:11:56 ----D---- C:\Program Files (x86)\EPUB File Reader
2014-09-20 19:09:07 ----D---- C:\Users\Pavel\AppData\Roaming\Xfire
2014-09-20 19:09:00 ----D---- C:\ProgramData\Xfire
2014-09-20 19:08:58 ----D---- C:\Program Files (x86)\Xfire
2014-09-19 15:58:05 ----A---- C:\Windows\system32\nvdispgenco6434411.dll
2014-09-19 15:58:05 ----A---- C:\Windows\system32\nvdispco6434411.dll
2014-09-19 14:51:56 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2014-09-19 14:51:56 ----A---- C:\Windows\system32\nvaudcap64v.dll
2014-09-19 14:51:56 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2014-09-16 17:53:01 ----D---- C:\Program Files (x86)\Steam
2014-09-15 08:19:26 ----A---- C:\Windows\system32\WSDMon.dll
2014-09-15 08:19:25 ----A---- C:\Windows\system32\tcpmon.dll
2014-09-15 08:19:24 ----A---- C:\Windows\SYSWOW64\explorer.exe
2014-09-15 08:19:24 ----A---- C:\Windows\system32\uDWM.dll
2014-09-15 08:19:24 ----A---- C:\Windows\explorer.exe
2014-09-15 08:19:21 ----A---- C:\Windows\SYSWOW64\UXInit.dll
2014-09-15 08:19:21 ----A---- C:\Windows\SYSWOW64\actxprxy.dll
2014-09-15 08:19:21 ----A---- C:\Windows\system32\UXInit.dll
2014-09-15 08:19:21 ----A---- C:\Windows\system32\actxprxy.dll
2014-09-15 08:19:08 ----A---- C:\Windows\system32\Windows.UI.Xaml.dll
2014-09-15 08:19:04 ----A---- C:\Windows\SYSWOW64\Windows.UI.Xaml.dll
2014-09-15 08:19:01 ----A---- C:\Windows\system32\d3d10warp.dll
2014-09-15 08:18:57 ----A---- C:\Windows\system32\mfcore.dll
2014-09-15 08:18:56 ----A---- C:\Windows\SYSWOW64\mfcore.dll
2014-09-15 08:18:56 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2014-09-15 08:18:55 ----A---- C:\Windows\system32\wlansvc.dll
2014-09-15 08:18:55 ----A---- C:\Windows\system32\gpsvc.dll
2014-09-15 08:18:54 ----A---- C:\Windows\system32\workfolderssvc.dll
2014-09-15 08:18:54 ----A---- C:\Windows\system32\Windows.Media.dll
2014-09-15 08:18:52 ----A---- C:\Windows\SYSWOW64\Windows.Media.dll
2014-09-15 08:18:51 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2014-09-15 08:18:51 ----A---- C:\Windows\system32\WMVDECOD.DLL
2014-09-15 08:18:51 ----A---- C:\Windows\system32\drivers\srv.sys
2014-09-15 08:18:50 ----A---- C:\Windows\system32\SRH.dll
2014-09-15 08:18:50 ----A---- C:\Windows\system32\printui.dll
2014-09-15 08:18:50 ----A---- C:\Windows\system32\mfplat.dll
2014-09-15 08:18:50 ----A---- C:\Windows\system32\drivers\ntfs.sys
2014-09-15 08:18:49 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2014-09-15 08:18:49 ----A---- C:\Windows\system32\drivers\srv2.sys
2014-09-15 08:18:48 ----A---- C:\Windows\system32\XpsPrint.dll
2014-09-15 08:18:48 ----A---- C:\Windows\system32\netcfgx.dll
2014-09-15 08:18:48 ----A---- C:\Windows\system32\mispace.dll
2014-09-15 08:18:47 ----A---- C:\Windows\SYSWOW64\netcfgx.dll
2014-09-15 08:18:47 ----A---- C:\Windows\SYSWOW64\mispace.dll
2014-09-15 08:18:47 ----A---- C:\Windows\system32\WorkfoldersControl.dll
2014-09-15 08:18:47 ----A---- C:\Windows\system32\AppxPackaging.dll
2014-09-15 08:18:46 ----AC---- C:\Windows\system32\drivers\spaceport.sys
2014-09-15 08:18:46 ----A---- C:\Windows\SYSWOW64\SRH.dll
2014-09-15 08:18:46 ----A---- C:\Windows\SYSWOW64\printui.dll
2014-09-15 08:18:46 ----A---- C:\Windows\system32\wlanmsm.dll
2014-09-15 08:18:46 ----A---- C:\Windows\system32\srvsvc.dll
2014-09-15 08:18:46 ----A---- C:\Windows\system32\aclui.dll
2014-09-15 08:18:45 ----A---- C:\Windows\SYSWOW64\aclui.dll
2014-09-15 08:18:45 ----A---- C:\Windows\system32\spoolsv.exe
2014-09-15 08:18:45 ----A---- C:\Windows\system32\mfreadwrite.dll
2014-09-15 08:18:44 ----AC---- C:\Windows\system32\drivers\volsnap.sys
2014-09-15 08:18:44 ----AC---- C:\Windows\system32\drivers\usbccgp.sys
2014-09-15 08:18:44 ----A---- C:\Windows\SYSWOW64\wlanmsm.dll
2014-09-15 08:18:44 ----A---- C:\Windows\SYSWOW64\mfreadwrite.dll
2014-09-15 08:18:44 ----A---- C:\Windows\SYSWOW64\AppxPackaging.dll
2014-09-15 08:18:44 ----A---- C:\Windows\system32\SHCore.dll
2014-09-15 08:18:43 ----A---- C:\Windows\SYSWOW64\Windows.Devices.Bluetooth.dll
2014-09-15 08:18:42 ----A---- C:\Windows\SYSWOW64\SHCore.dll
2014-09-15 08:18:42 ----A---- C:\Windows\SYSWOW64\mftranscode.dll
2014-09-15 08:18:42 ----A---- C:\Windows\system32\storagewmi.dll
2014-09-15 08:18:42 ----A---- C:\Windows\system32\mftranscode.dll
2014-09-15 08:18:41 ----A---- C:\Windows\system32\usbmon.dll
2014-09-15 08:18:41 ----A---- C:\Windows\system32\comdlg32.dll
2014-09-15 08:18:41 ----A---- C:\Windows\system32\clusapi.dll
2014-09-15 08:18:40 ----A---- C:\Windows\system32\wisp.dll
2014-09-15 08:18:40 ----A---- C:\Windows\system32\winload.exe
2014-09-15 08:18:40 ----A---- C:\Windows\system32\WebClnt.dll
2014-09-15 08:18:40 ----A---- C:\Windows\system32\defragsvc.dll
2014-09-15 08:18:39 ----A---- C:\Windows\SYSWOW64\comdlg32.dll
2014-09-15 08:18:39 ----A---- C:\Windows\system32\wsecedit.dll
2014-09-15 08:18:39 ----A---- C:\Windows\system32\winresume.exe
2014-09-15 08:18:38 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2014-09-15 08:18:38 ----A---- C:\Windows\system32\user32.dll
2014-09-15 08:18:38 ----A---- C:\Windows\system32\profsvc.dll
2014-09-15 08:18:38 ----A---- C:\Windows\system32\drivers\srvnet.sys
2014-09-15 08:18:38 ----A---- C:\Windows\system32\drivers\nwifi.sys
2014-09-15 08:18:37 ----A---- C:\Windows\SYSWOW64\clusapi.dll
2014-09-15 08:18:37 ----A---- C:\Windows\system32\wpdbusenum.dll
2014-09-15 08:18:37 ----A---- C:\Windows\system32\winmmbase.dll
2014-09-15 08:18:37 ----A---- C:\Windows\system32\WiFiDisplay.dll
2014-09-15 08:18:36 ----AC---- C:\Windows\system32\drivers\usbhub.sys
2014-09-15 08:18:36 ----A---- C:\Windows\system32\rdpcorets.dll
2014-09-15 08:18:35 ----A---- C:\Windows\SYSWOW64\wlanapi.dll
2014-09-15 08:18:35 ----A---- C:\Windows\SYSWOW64\storagewmi.dll
2014-09-15 08:18:35 ----A---- C:\Windows\SYSWOW64\Display.dll
2014-09-15 08:18:35 ----A---- C:\Windows\system32\VAN.dll
2014-09-15 08:18:35 ----A---- C:\Windows\system32\SettingSync.dll
2014-09-15 08:18:35 ----A---- C:\Windows\system32\conhost.exe
2014-09-15 08:18:35 ----A---- C:\Windows\system32\AppxSip.dll
2014-09-15 08:18:34 ----A---- C:\Windows\SYSWOW64\winmmbase.dll
2014-09-15 08:18:34 ----A---- C:\Windows\system32\WorkFoldersGPExt.dll
2014-09-15 08:18:34 ----A---- C:\Windows\system32\SndVol.exe
2014-09-15 08:18:34 ----A---- C:\Windows\system32\Display.dll
2014-09-15 08:18:33 ----A---- C:\Windows\SYSWOW64\wisp.dll
2014-09-15 08:18:33 ----A---- C:\Windows\system32\osk.exe
2014-09-15 08:18:33 ----A---- C:\Windows\system32\drivers\IPMIDrv.sys
2014-09-15 08:18:32 ----A---- C:\Windows\system32\mfps.dll
2014-09-15 08:18:32 ----A---- C:\Windows\system32\drivers\ndis.sys
2014-09-15 08:18:32 ----A---- C:\Windows\system32\DafPrintProvider.dll
2014-09-15 08:18:32 ----A---- C:\Windows\system32\bcryptprimitives.dll
2014-09-15 08:18:31 ----AC---- C:\Windows\system32\drivers\hdaudbus.sys
2014-09-15 08:18:31 ----A---- C:\Windows\SYSWOW64\bcryptprimitives.dll
2014-09-15 08:18:31 ----A---- C:\Windows\system32\winmm.dll
2014-09-15 08:18:31 ----A---- C:\Windows\system32\drivers\NdisImPlatform.sys
2014-09-15 08:18:31 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2014-09-15 08:18:30 ----A---- C:\Windows\SYSWOW64\wsecedit.dll
2014-09-15 08:18:30 ----A---- C:\Windows\SYSWOW64\AppxSip.dll
2014-09-15 08:18:30 ----A---- C:\Windows\system32\Windows.Networking.dll
2014-09-15 08:18:30 ----A---- C:\Windows\system32\twinapi.dll
2014-09-15 08:18:30 ----A---- C:\Windows\system32\dwmapi.dll
2014-09-15 08:18:29 ----A---- C:\Windows\SYSWOW64\prnntfy.dll
2014-09-15 08:18:29 ----A---- C:\Windows\system32\WorkFoldersShell.dll
2014-09-15 08:18:29 ----A---- C:\Windows\system32\prnntfy.dll
2014-09-15 08:18:29 ----A---- C:\Windows\system32\gpedit.dll
2014-09-15 08:18:29 ----A---- C:\Windows\system32\GdiPlus.dll
2014-09-15 08:18:28 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2014-09-15 08:18:28 ----A---- C:\Windows\SYSWOW64\winmm.dll
2014-09-15 08:18:28 ----A---- C:\Windows\SYSWOW64\puiapi.dll
2014-09-15 08:18:28 ----A---- C:\Windows\system32\puiapi.dll
2014-09-15 08:18:28 ----A---- C:\Windows\system32\ppcsnap.dll
2014-09-15 08:18:27 ----A---- C:\Windows\SYSWOW64\SndVol.exe
2014-09-15 08:18:27 ----A---- C:\Windows\SYSWOW64\dwmapi.dll
2014-09-15 08:18:27 ----A---- C:\Windows\system32\iasnap.dll
2014-09-15 08:18:26 ----AC---- C:\Windows\system32\drivers\pci.sys
2014-09-15 08:18:26 ----A---- C:\Windows\SYSWOW64\VAN.dll
2014-09-15 08:18:25 ----A---- C:\Windows\system32\wcmcsp.dll
2014-09-15 08:18:25 ----A---- C:\Windows\system32\SystemSettingsAdminFlows.exe
2014-09-15 08:18:25 ----A---- C:\Windows\system32\stobject.dll
2014-09-15 08:18:25 ----A---- C:\Windows\system32\drivers\ks.sys
2014-09-15 08:18:25 ----A---- C:\Windows\system32\AppxSysprep.dll
2014-09-15 08:18:24 ----A---- C:\Windows\system32\wwanconn.dll
2014-09-15 08:18:24 ----A---- C:\Windows\system32\dab.dll
2014-09-15 08:18:23 ----A---- C:\Windows\SYSWOW64\iasnap.dll
2014-09-15 08:18:23 ----A---- C:\Windows\SYSWOW64\gpedit.dll
2014-09-15 08:18:23 ----A---- C:\Windows\system32\pmcsnap.dll
2014-09-15 08:18:22 ----A---- C:\Windows\SYSWOW64\rsaenh.dll
2014-09-15 08:18:22 ----A---- C:\Windows\system32\wlanapi.dll
2014-09-15 08:18:22 ----A---- C:\Windows\system32\rsaenh.dll
2014-09-15 08:18:22 ----A---- C:\Windows\system32\ActionCenter.dll
2014-09-15 08:18:19 ----A---- C:\Windows\SYSWOW64\osk.exe
2014-09-15 08:18:19 ----A---- C:\Windows\system32\wshbth.dll
2014-09-15 08:18:18 ----A---- C:\Windows\SYSWOW64\Windows.Networking.dll
2014-09-15 08:18:18 ----A---- C:\Windows\SYSWOW64\SettingSync.dll
2014-09-15 08:18:18 ----A---- C:\Windows\SYSWOW64\DafPrintProvider.dll
2014-09-15 08:18:18 ----A---- C:\Windows\system32\PrintDialogs.dll
2014-09-15 08:18:17 ----A---- C:\Windows\SYSWOW64\wshbth.dll
2014-09-15 08:18:17 ----A---- C:\Windows\system32\wlansvcpal.dll
2014-09-15 08:18:17 ----A---- C:\Windows\system32\Windows.Devices.Bluetooth.dll
2014-09-15 08:18:17 ----A---- C:\Windows\system32\browser.dll
2014-09-15 08:18:16 ----A---- C:\Windows\SYSWOW64\stobject.dll
2014-09-15 08:18:16 ----A---- C:\Windows\SYSWOW64\ActionCenter.dll
2014-09-15 08:18:15 ----A---- C:\Windows\SYSWOW64\wups.dll
2014-09-15 08:18:15 ----A---- C:\Windows\SYSWOW64\KBDRUM.DLL
2014-09-15 08:18:15 ----A---- C:\Windows\system32\KBDRUM.DLL
2014-09-15 08:18:15 ----A---- C:\Windows\system32\Defrag.exe
2014-09-15 08:18:14 ----A---- C:\Windows\SYSWOW64\GdiPlus.dll
2014-09-15 08:18:13 ----A---- C:\Windows\SYSWOW64\user32.dll
2014-09-15 08:18:13 ----A---- C:\Windows\system32\KBDYAK.DLL
2014-09-15 08:18:13 ----A---- C:\Windows\system32\KBDRU1.DLL
2014-09-15 08:18:13 ----A---- C:\Windows\system32\KBDRU.DLL
2014-09-15 08:18:13 ----A---- C:\Windows\system32\KBDBASH.DLL
2014-09-15 08:18:12 ----A---- C:\Windows\SYSWOW64\KBDYAK.DLL
2014-09-15 08:18:12 ----A---- C:\Windows\SYSWOW64\KBDRU1.DLL
2014-09-15 08:18:12 ----A---- C:\Windows\SYSWOW64\KBDRU.DLL
2014-09-15 08:18:12 ----A---- C:\Windows\SYSWOW64\KBDBASH.DLL
2014-09-15 08:18:12 ----A---- C:\Windows\system32\BluetoothApis.dll
2014-09-15 08:18:10 ----AC---- C:\Windows\system32\drivers\bthpan.sys
2014-09-15 08:18:10 ----A---- C:\Windows\SYSWOW64\PrintDialogs.dll
2014-09-15 08:18:09 ----A---- C:\Windows\SYSWOW64\KBDTAT.DLL
2014-09-15 08:18:09 ----A---- C:\Windows\system32\wwanmm.dll
2014-09-15 08:18:09 ----A---- C:\Windows\system32\SndVolSSO.dll
2014-09-15 08:18:09 ----A---- C:\Windows\system32\KBDTAT.DLL
2014-09-15 08:18:09 ----A---- C:\Windows\system32\compstui.dll
2014-09-15 08:18:08 ----A---- C:\Windows\SYSWOW64\BluetoothApis.dll
2014-09-15 08:18:08 ----A---- C:\Windows\system32\wlansec.dll
2014-09-15 08:18:08 ----A---- C:\Windows\system32\rdpudd.dll
2014-09-15 08:18:07 ----A---- C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2014-09-15 08:18:05 ----A---- C:\Windows\SYSWOW64\KBDTT102.DLL
2014-09-15 08:18:05 ----A---- C:\Windows\system32\KBDTT102.DLL
2014-09-14 08:02:28 ----D---- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-12 17:52:35 ----A---- C:\Windows\SYSWOW64\Wldap32.dll
2014-09-12 17:52:35 ----A---- C:\Windows\SYSWOW64\Windows.UI.Search.dll
2014-09-12 17:52:35 ----A---- C:\Windows\SYSWOW64\SearchFolder.dll
2014-09-12 17:52:35 ----A---- C:\Windows\SYSWOW64\propsys.dll
2014-09-12 17:52:35 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2014-09-12 17:52:34 ----AC---- C:\Windows\system32\drivers\USBHUB3.SYS
2014-09-12 17:52:34 ----AC---- C:\Windows\system32\drivers\bthport.sys
2014-09-12 17:52:34 ----A---- C:\Windows\SYSWOW64\WSShared.dll
2014-09-12 17:52:34 ----A---- C:\Windows\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-12 17:52:34 ----A---- C:\Windows\SYSWOW64\SkyDriveShell.dll
2014-09-12 17:52:34 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2014-09-12 17:52:34 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-09-12 17:52:34 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\WSShared.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\Wldap32.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\Windows.UI.Search.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\SystemEventsBrokerServer.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\SyncEngine.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\SkyDriveTelemetry.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\SkyDriveShell.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\SkyDrive.exe
2014-09-12 17:52:34 ----A---- C:\Windows\system32\SearchFolder.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\rdvidcrl.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\ProximityService.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\propsys.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\pcsvDevice.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\ntdll.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\mstscax.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\KernelBase.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\iphlpsvc.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\httpprxm.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\drivers\bridge.sys
2014-09-12 17:52:34 ----A---- C:\Windows\system32\bisrv.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\adhsvc.dll
2014-09-12 17:51:30 ----A---- C:\Windows\system32\drivers\msgpioclx.sys
2014-09-11 07:43:42 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-11 07:43:42 ----A---- C:\Windows\system32\iernonce.dll
2014-09-11 07:43:42 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-09-11 07:43:40 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-09-11 07:43:40 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-09-11 07:43:40 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-09-11 07:43:40 ----A---- C:\Windows\system32\msrating.dll
2014-09-11 07:43:40 ----A---- C:\Windows\system32\jsproxy.dll
2014-09-11 07:43:40 ----A---- C:\Windows\system32\dxtmsft.dll
2014-09-11 07:43:39 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-09-11 07:43:39 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-09-11 07:43:39 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-09-11 07:43:39 ----A---- C:\Windows\system32\ieUnatt.exe
2014-09-11 07:43:39 ----A---- C:\Windows\system32\iesetup.dll
2014-09-11 07:43:38 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-09-11 07:43:38 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-09-11 07:43:38 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-09-11 07:43:38 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-09-11 07:43:38 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-09-11 07:25:29 ----A---- C:\Windows\system32\schedsvc.dll
2014-09-11 07:24:42 ----A---- C:\Windows\SYSWOW64\msvcr120_clr0400.dll
2014-09-11 07:24:42 ----A---- C:\Windows\system32\msvcr120_clr0400.dll
2014-08-14 01:16:18 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2014-08-14 01:16:18 ----A---- C:\Windows\SYSWOW64\dxgi.dll
2014-08-14 01:16:18 ----A---- C:\Windows\system32\rpcrt4.dll
2014-08-14 01:16:18 ----A---- C:\Windows\system32\dxgi.dll
2014-08-14 01:16:18 ----A---- C:\Windows\system32\dwmcore.dll
2014-08-14 01:16:17 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2014-08-14 01:15:30 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe
2014-08-14 01:15:30 ----A---- C:\Windows\system32\TsWpfWrp.exe
2014-08-14 01:15:26 ----A---- C:\Windows\system32\Wpc.dll
2014-08-14 01:15:25 ----A---- C:\Windows\SYSWOW64\Wpc.dll
2014-08-14 01:15:25 ----A---- C:\Windows\system32\WpcWebSync.dll
2014-08-14 01:15:25 ----A---- C:\Windows\system32\WpcMon.exe
2014-08-14 01:14:11 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2014-08-14 01:14:11 ----A---- C:\Windows\system32\msihnd.dll
2014-08-14 01:14:11 ----A---- C:\Windows\system32\consent.exe
2014-08-14 01:13:42 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2014-08-14 01:13:42 ----A---- C:\Windows\system32\gdi32.dll
2014-08-14 01:13:41 ----A---- C:\Windows\system32\MDMAgent.exe
2014-08-10 09:34:18 ----AC---- C:\Windows\system32\drivers\usbuhci.sys
2014-08-10 09:34:18 ----AC---- C:\Windows\system32\drivers\usbport.sys
2014-08-10 09:34:18 ----AC---- C:\Windows\system32\drivers\usbehci.sys
2014-08-10 09:34:18 ----AC---- C:\Windows\system32\drivers\usbd.sys
2014-08-10 09:34:18 ----A---- C:\Windows\SYSWOW64\gpprefcl.dll
2014-08-10 09:34:18 ----A---- C:\Windows\SYSWOW64\DaOtpCredentialProvider.dll
2014-08-10 09:34:18 ----A---- C:\Windows\system32\WUDFSvc.dll
2014-08-10 09:34:18 ----A---- C:\Windows\system32\WUDFPlatform.dll
2014-08-10 09:34:18 ----A---- C:\Windows\system32\WUDFHost.exe
2014-08-10 09:34:18 ----A---- C:\Windows\system32\hal.dll
2014-08-10 09:34:18 ----A---- C:\Windows\system32\gpprefcl.dll
2014-08-10 09:34:18 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2014-08-10 09:34:18 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2014-08-10 09:34:18 ----A---- C:\Windows\system32\DaOtpCredentialProvider.dll
2014-08-10 09:34:18 ----A---- C:\Windows\system32\cscui.dll
2014-07-30 16:00:17 ----A---- C:\Windows\system32\SET7FCD.tmp
2014-07-30 16:00:16 ----A---- C:\Windows\system32\SET73C2.tmp
2014-07-30 16:00:16 ----A---- C:\Windows\system32\SET6515.tmp
2014-07-30 16:00:16 ----A---- C:\Windows\system32\nvdispgenco6434052.dll
2014-07-30 16:00:16 ----A---- C:\Windows\system32\nvdispco6434052.dll
2014-07-28 14:52:00 ----A---- C:\Windows\system32\usbaaplrc.dll
2014-07-28 14:52:00 ----A---- C:\Windows\system32\drivers\usbaapl64.sys
======List of files/folders modified in the last 3 months======
2014-10-25 20:02:49 ----D---- C:\Program Files
2014-10-25 20:00:05 ----D---- C:\Windows\system32\sru
2014-10-25 19:53:18 ----RD---- C:\Windows\System32
2014-10-25 19:53:18 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-10-25 19:53:17 ----D---- C:\Windows\Inf
2014-10-25 19:49:15 ----D---- C:\Windows\Prefetch
2014-10-25 19:46:43 ----D---- C:\Windows
2014-10-25 19:31:48 ----D---- C:\Windows\debug
2014-10-25 19:14:10 ----D---- C:\Windows\Tasks
2014-10-25 19:14:10 ----D---- C:\Windows\system32\Tasks
2014-10-25 19:14:05 ----RD---- C:\Program Files (x86)
2014-10-25 19:13:55 ----D---- C:\Windows\SysWOW64
2014-10-25 19:13:53 ----HD---- C:\ProgramData
2014-10-25 18:08:54 ----D---- C:\Windows\system32\drivers\etc
2014-10-25 14:33:02 ----D---- C:\Windows\system32\drivers
2014-10-25 14:32:31 ----D---- C:\Program Files\Common Files\System
2014-10-25 12:52:23 ----D---- C:\Users\Pavel\AppData\Roaming\vlc
2014-10-25 12:29:01 ----SD---- C:\ProgramData\Microsoft
2014-10-25 11:40:02 ----D---- C:\Windows\system32\catroot2
2014-10-25 11:00:57 ----D---- C:\ProgramData\IObit
2014-10-25 10:57:11 ----D---- C:\Windows\SoftwareDistribution
2014-10-25 10:55:44 ----D---- C:\Windows\system32\wdi
2014-10-25 10:52:01 ----SHD---- C:\Windows\Installer
2014-10-25 10:51:46 ----D---- C:\Program Files (x86)\WinRAR
2014-10-25 10:47:04 ----D---- C:\Windows\system32\config
2014-10-25 10:25:22 ----D---- C:\Windows\rescache
2014-10-25 10:18:10 ----D---- C:\Windows\Microsoft.NET
2014-10-25 10:03:40 ----D---- C:\Windows\WinSxS
2014-10-25 10:02:15 ----D---- C:\Windows\system32\DriverStore
2014-10-25 10:01:04 ----D---- C:\Windows\CbsTemp
2014-10-25 09:50:14 ----RD---- C:\Windows\ToastData
2014-10-25 09:50:14 ----RD---- C:\Windows\ImmersiveControlPanel
2014-10-25 09:50:14 ----D---- C:\Windows\apppatch
2014-10-25 09:49:33 ----SHD---- C:\System Volume Information
2014-10-25 09:45:06 ----D---- C:\Users\Pavel\AppData\Roaming\Winamp
2014-10-25 09:38:12 ----D---- C:\Users\Pavel\AppData\Roaming\uTorrent
2014-10-23 19:21:15 ----D---- C:\ProgramData\NVIDIA
2014-10-22 21:16:17 ----SD---- C:\Users\Pavel\AppData\Roaming\Microsoft
2014-10-21 11:31:17 ----D---- C:\Windows\AppReadiness
2014-10-21 11:31:16 ----HD---- C:\Program Files\WindowsApps
2014-10-20 16:08:00 ----D---- C:\Program Files\Common Files\Apple
2014-10-20 04:34:55 ----RSD---- C:\Windows\assembly
2014-10-19 19:51:10 ----D---- C:\ProgramData\Microsoft Help
2014-10-18 17:45:55 ----D---- C:\Windows\MediaViewer
2014-10-18 17:45:55 ----D---- C:\Windows\FileManager
2014-10-18 17:45:55 ----D---- C:\Windows\Camera
2014-10-18 17:45:53 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-10-18 17:45:53 ----D---- C:\Program Files\Internet Explorer
2014-10-18 17:45:53 ----D---- C:\Program Files (x86)\Internet Explorer
2014-10-18 17:45:52 ----D---- C:\Windows\system32\cs-CZ
2014-10-17 23:48:47 ----D---- C:\Program Files (x86)\Common Files
2014-10-16 16:11:40 ----A---- C:\Windows\system32\nvsvc64.dll
2014-10-16 16:11:40 ----A---- C:\Windows\system32\nvcpl.dll
2014-10-16 16:11:36 ----A---- C:\Windows\system32\nvvsvc.exe
2014-10-16 16:11:36 ----A---- C:\Windows\system32\nvsvcr.dll
2014-10-16 16:11:36 ----A---- C:\Windows\system32\nvmctray.dll
2014-10-16 16:11:36 ----A---- C:\Windows\system32\nv3dappshext.dll
2014-10-15 05:45:07 ----A---- C:\Windows\win.ini
2014-10-15 05:42:54 ----D---- C:\Windows\system32\MRT
2014-10-15 05:39:40 ----A---- C:\Windows\system32\MRT.exe
2014-10-15 05:38:45 ----RSD---- C:\Windows\Fonts
2014-10-13 17:59:34 ----D---- C:\Program Files (x86)\Origin Games
2014-10-10 18:37:32 ----D---- C:\ProgramData\Origin
2014-10-10 18:06:58 ----D---- C:\Users\Pavel\AppData\Roaming\NVIDIA
2014-10-10 18:06:40 ----D---- C:\Program Files (x86)\Origin
2014-10-09 15:33:21 ----D---- C:\Windows\Logs
2014-10-04 08:42:47 ----A---- C:\Windows\SYSWOW64\nvspbridge.dll
2014-10-04 08:41:43 ----A---- C:\Windows\system32\nvspbridge64.dll
2014-10-03 16:04:24 ----D---- C:\Program Files (x86)\Microsoft.NET
2014-10-03 16:04:23 ----D---- C:\Program Files\Common Files\microsoft shared
2014-10-02 15:41:39 ----D---- C:\Windows\ShellNew
2014-10-02 15:34:28 ----D---- C:\Program Files\Common Files
2014-10-02 15:33:09 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2014-10-02 15:21:46 ----D---- C:\Program Files (x86)\MSBuild
2014-10-01 08:07:04 ----D---- C:\ProgramData\Oracle
2014-09-29 13:02:22 ----D---- C:\Program Files\CCleaner
2014-09-26 19:12:19 ----D---- C:\Program Files (x86)\Battlelog Web Plugins
2014-09-26 19:01:33 ----D---- C:\Users\Pavel\AppData\Roaming\Origin
2014-09-21 20:19:40 ----D---- C:\Windows\system32\NDF
2014-09-20 09:04:08 ----D---- C:\Windows\SYSWOW64\wbem
2014-09-20 09:04:08 ----D---- C:\Windows\SYSWOW64\setup
2014-09-20 09:04:08 ----D---- C:\Windows\system32\wbem
2014-09-20 09:04:08 ----D---- C:\Windows\system32\setup
2014-09-20 09:04:08 ----D---- C:\Windows\system32\oobe
2014-09-20 09:04:08 ----D---- C:\Windows\system32\drivers\cs-CZ
2014-09-20 09:04:08 ----D---- C:\Windows\system32\Boot
2014-09-20 09:04:08 ----D---- C:\Windows\PolicyDefinitions
2014-09-20 09:04:08 ----D---- C:\Program Files\Windows Journal
2014-09-20 09:04:07 ----D---- C:\Windows\SYSWOW64\InputMethod
2014-09-19 20:37:25 ----D---- C:\Windows\LiveKernelReports
2014-09-19 18:28:21 ----D---- C:\Users\Pavel\AppData\Roaming\Apple Computer
2014-09-19 16:00:32 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2014-09-19 15:47:06 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-19 14:52:57 ----D---- C:\Program Files\NVIDIA Corporation
2014-09-14 08:00:06 ----D---- C:\Windows\system32\catroot
2014-09-12 17:56:14 ----D---- C:\Windows\WinStore
2014-09-12 17:56:13 ----D---- C:\Windows\SYSWOW64\migration
2014-09-12 17:56:13 ----D---- C:\Windows\system32\migration
2014-09-12 17:52:34 ----A---- C:\Windows\SYSWOW64\PrintConfig.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-07-05 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-07-05 224896]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2014-10-16 30408]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-07-05 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-07-05 1041168]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-07-05 427360]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2013-10-23 129944]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-07-05 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-07-05 79184]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-07-05 92008]
R3 athr;@oem23.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athwbx.sys [2013-08-14 3837440]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2014-01-28 593000]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\Windows\System32\drivers\BthEnum.sys [2013-08-22 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\System32\drivers\BthLEEnum.sys [2013-12-04 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2014-07-24 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2014-01-31 81920]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 HIDSwitch;@oem2.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control; C:\Windows\System32\drivers\AsHIDSwitch64.sys [2013-11-04 20280]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2013-10-01 4177920]
R3 iwdbus;@oem10.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2013-08-23 26008]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2014-10-01 25816]
R3 MEIx64;@oem1.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\System32\drivers\HECIx64.sys [2012-07-17 62784]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2014-10-16 13190288]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-10-04 20288]
R3 nvvad_WaveExtensible;@oem24.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-09-04 38048]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2014-01-27 167424]
R3 RTL8168;@oem20.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2013-11-29 838872]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2013-08-28 34544]
R3 SynTP;@oem39.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2013-08-28 524528]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-08-22 212224]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2014-09-12 1200640]
S3 dg_ssudbus;@oem33.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 dot4;@oem29.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2012-10-19 151968]
S3 Dot4Print;@oem30.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; C:\Windows\System32\drivers\Dot4Prt.sys [2012-10-19 27040]
S3 dot4usb;@oem29.inf,%DOT4USB_NAME%;Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2012-10-19 49056]
S3 intaud_WaveExtensible;@oem9.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2013-08-23 39320]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2014-10-01 64216]
S3 ssudmdm;@oem34.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 tap0901;@oem4.inf,%DeviceDescription%;TAP-Windows Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2013-08-22 40664]
S3 USBAAPL64;@oem44.inf,%USBAAPL64.SvcDesc%;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2014-07-28 54784]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-08-22 44544]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-10-07 60744]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-07-05 50344]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2014-10-04 1149760]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-10-04 1796928]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-10-04 19440960]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-10-16 933064]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-06-28 76152]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-10-15 643880]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe []
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-10-01 968504]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-09 267440]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2013-10-01 279000]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-09-25 114288]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 178760]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-09-23 833728]
S4 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-10-01 1871160]
-----------------EOF-----------------
Run by Pavel at 2014-10-25 20:02:49
Microsoft Windows 8.1 Pro
System drive C: has 27 GB (27%) free of 100 GB
Total RAM: 8078 MB (87% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:02:52, on 25. 10. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\trend micro\Pavel.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - Startup: EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
O4 - Startup: EvernoteTray.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\Microsoft Office\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Nová poznámka - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\Microsoft Office\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - Unknown owner - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe (file missing)
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
--
End of file - 9323 bytes
======Listing Processes======
wininit.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"dwm.exe"
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
dashost.exe {7ce8a380-376e-4e4f-8ccabb388846cab4}
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss b7117199-a717-4e90-be4d-04b8c87d4b85 1
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe 0x4
taskhostex.exe
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\System32\skydrive.exe -Embedding
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Windows\system32\igfxsrvc.exe" -Embedding
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 556 560 568 65536 564
"C:\Users\Pavel\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\7cqei6d7.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.google.com"
prefs.js - "keyword.URL" - "http://www.google.com/search?btnG=Google+Search&q="
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.152 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.5.1]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.67.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\Microsoft Office\Office15\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.152 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/npbattlelog,version=2.5.1]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\Microsoft Office\Office15\NPSPWRAP.DLL
C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\7cqei6d7.default\searchplugins\
Google.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-09-25 218784]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-07-05 612248]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\Microsoft Office\Office15\GROOVEEX.DLL [2014-09-16 2334416]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-10-01 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-07-05 457712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}]
Evernote extension - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-08-26 626528]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-10-01 171944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2013-10-01 391128]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2013-10-01 771032]
"Persistence"=C:\Windows\system32\igfxpers.exe [2013-10-01 769496]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-10-04 2463552]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2014-10-04 2800296]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-07-30 4085896]
"PWRISOVM.EXE"=C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [2013-10-23 337432]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-07-25 256896]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-10-15 157480]
C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
EvernoteClipper.lnk - C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
EvernoteTray.lnk - C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2013-10-01 623104]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.XFR1"=xfcodec64.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 3 months======
2014-10-25 20:02:49 ----D---- C:\rsit
2014-10-25 20:02:49 ----D---- C:\Program Files\trend micro
2014-10-25 19:28:44 ----SHD---- C:\$RECYCLE.BIN
2014-10-25 19:25:38 ----A---- C:\Windows\zoek-delete.exe
2014-10-25 19:25:36 ----D---- C:\Windows\Temp
2014-10-25 18:03:21 ----D---- C:\AdwCleaner
2014-10-25 14:33:02 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2014-10-25 14:16:57 ----D---- C:\ProgramData\Loaris
2014-10-25 14:11:30 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-25 14:11:30 ----A---- C:\Windows\system32\drivers\mwac.sys
2014-10-25 14:11:30 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2014-10-25 14:11:30 ----A---- C:\Windows\system32\drivers\mbam.sys
2014-10-25 13:35:46 ----A---- C:\Windows\SYSWOW64\wbhelp2.dll
2014-10-25 13:35:44 ----A---- C:\Windows\SYSWOW64\W95INF32.DLL
2014-10-25 13:35:44 ----A---- C:\Windows\SYSWOW64\W95INF16.DLL
2014-10-25 13:35:44 ----A---- C:\Windows\SYSWOW64\unicows.dll
2014-10-25 13:35:44 ----A---- C:\Windows\SYSWOW64\anim.dll
2014-10-25 13:35:41 ----D---- C:\Program Files (x86)\WinUtilities
2014-10-25 12:57:07 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2014-10-25 11:47:07 ----D---- C:\ProgramData\Spybot - Search & Destroy
2014-10-25 11:33:15 ----A---- C:\Windows\system32\drivers\stflt.sys
2014-10-25 10:01:12 ----D---- C:\Program Files\Microsoft Silverlight
2014-10-25 10:01:12 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-10-25 09:46:30 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2014-10-25 09:46:30 ----A---- C:\Windows\SYSWOW64\untfs.dll
2014-10-25 09:46:30 ----A---- C:\Windows\SYSWOW64\twinui.dll
2014-10-25 09:46:30 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-10-25 09:46:30 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-10-25 09:46:30 ----A---- C:\Windows\SYSWOW64\puiobj.dll
2014-10-25 09:46:30 ----A---- C:\Windows\SYSWOW64\mfmp4srcsnk.dll
2014-10-25 09:46:30 ----A---- C:\Windows\SYSWOW64\MFMediaEngine.dll
2014-10-25 09:46:30 ----A---- C:\Windows\SYSWOW64\FXSAPI.dll
2014-10-25 09:46:30 ----A---- C:\Windows\SYSWOW64\certcli.dll
2014-10-25 09:46:30 ----A---- C:\Windows\system32\WsmSvc.dll
2014-10-25 09:46:30 ----A---- C:\Windows\system32\win32spl.dll
2014-10-25 09:46:30 ----A---- C:\Windows\system32\untfs.dll
2014-10-25 09:46:30 ----A---- C:\Windows\system32\twinui.dll
2014-10-25 09:46:30 ----A---- C:\Windows\system32\schannel.dll
2014-10-25 09:46:30 ----A---- C:\Windows\system32\shell32.dll
2014-10-25 09:46:30 ----A---- C:\Windows\system32\SettingsHandlers.dll
2014-10-25 09:46:30 ----A---- C:\Windows\system32\puiobj.dll
2014-10-25 09:46:30 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-10-25 09:46:30 ----A---- C:\Windows\system32\mfmp4srcsnk.dll
2014-10-25 09:46:30 ----A---- C:\Windows\system32\MFMediaEngine.dll
2014-10-25 09:46:30 ----A---- C:\Windows\system32\lsasrv.dll
2014-10-25 09:46:30 ----A---- C:\Windows\system32\localspl.dll
2014-10-25 09:46:30 ----A---- C:\Windows\system32\FXSCOMEX.dll
2014-10-25 09:46:30 ----A---- C:\Windows\system32\FXSAPI.dll
2014-10-25 09:46:30 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2014-10-25 09:46:30 ----A---- C:\Windows\system32\drivers\tcpip.sys
2014-10-25 09:46:30 ----A---- C:\Windows\system32\drivers\netio.sys
2014-10-25 09:46:30 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-10-25 09:46:30 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2014-10-25 09:46:30 ----A---- C:\Windows\system32\drivers\cng.sys
2014-10-25 09:46:30 ----A---- C:\Windows\system32\certcli.dll
2014-10-23 19:21:17 ----D---- C:\Windows\SYSWOW64\NV
2014-10-23 19:21:17 ----D---- C:\Windows\system32\NV
2014-10-23 19:21:04 ----A---- C:\Windows\system32\nvshext.dll
2014-10-23 19:21:04 ----A---- C:\Windows\system32\nv3dappshextr.dll
2014-10-23 19:19:32 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2014-10-23 19:19:32 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2014-10-23 19:19:32 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2014-10-23 19:19:32 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2014-10-23 19:19:32 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2014-10-23 19:19:32 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2014-10-23 19:19:32 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2014-10-23 19:19:32 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2014-10-23 19:19:32 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2014-10-23 19:19:32 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2014-10-23 19:19:32 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2014-10-23 19:19:32 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2014-10-23 19:19:32 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2014-10-23 19:19:32 ----A---- C:\Windows\system32\nvwgf2umx.dll
2014-10-23 19:19:32 ----A---- C:\Windows\system32\nvumdshimx.dll
2014-10-23 19:19:32 ----A---- C:\Windows\system32\nvopencl.dll
2014-10-23 19:19:32 ----A---- C:\Windows\system32\nvoglv64.dll
2014-10-23 19:19:32 ----A---- C:\Windows\system32\nvoglshim64.dll
2014-10-23 19:19:32 ----A---- C:\Windows\system32\nvinitx.dll
2014-10-23 19:19:32 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2014-10-23 19:19:32 ----A---- C:\Windows\system32\NvIFR64.dll
2014-10-23 19:19:32 ----A---- C:\Windows\system32\NvFBC64.dll
2014-10-23 19:19:32 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2014-10-23 19:19:32 ----A---- C:\Windows\system32\nvdispgenco6434448.dll
2014-10-23 19:19:32 ----A---- C:\Windows\system32\nvdispco6434448.dll
2014-10-23 19:19:32 ----A---- C:\Windows\system32\nvd3dumx.dll
2014-10-23 19:19:32 ----A---- C:\Windows\system32\nvcuvid.dll
2014-10-23 19:19:32 ----A---- C:\Windows\system32\nvcuda.dll
2014-10-23 19:19:32 ----A---- C:\Windows\system32\drivers\nvpciflt.sys
2014-10-23 19:19:32 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2014-10-23 19:19:31 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2014-10-23 19:19:31 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2014-10-23 19:19:31 ----A---- C:\Windows\system32\nvcompiler.dll
2014-10-23 19:19:31 ----A---- C:\Windows\system32\nvapi64.dll
2014-10-23 19:16:35 ----D---- C:\Program Files (x86)\Evernote
2014-10-20 16:08:01 ----D---- C:\Program Files\iPod
2014-10-20 16:07:59 ----D---- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-10-20 16:07:59 ----D---- C:\Program Files\iTunes
2014-10-20 16:07:59 ----D---- C:\Program Files (x86)\iTunes
2014-10-17 23:48:53 ----D---- C:\Users\Pavel\AppData\Roaming\Skype
2014-10-17 23:48:46 ----RD---- C:\Program Files (x86)\Skype
2014-10-17 23:48:34 ----D---- C:\ProgramData\Skype
2014-10-15 05:43:47 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-10-15 05:35:16 ----D---- C:\Program Files (x86)\Microsoft ASP.NET
2014-10-15 05:24:31 ----A---- C:\Windows\system32\win32k.sys
2014-10-15 05:23:59 ----A---- C:\Windows\SYSWOW64\MrmCoreR.dll
2014-10-15 05:23:59 ----A---- C:\Windows\system32\MrmCoreR.dll
2014-10-15 05:23:56 ----A---- C:\Windows\system32\winbici.dll
2014-10-15 05:23:44 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2014-10-15 05:23:44 ----A---- C:\Windows\system32\wuaueng.dll
2014-10-15 05:23:44 ----A---- C:\Windows\system32\wuapi.dll
2014-10-15 05:23:43 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2014-10-15 05:23:43 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2014-10-15 05:23:43 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2014-10-15 05:23:43 ----A---- C:\Windows\system32\wuwebv.dll
2014-10-15 05:23:43 ----A---- C:\Windows\system32\WUSettingsProvider.dll
2014-10-15 05:23:43 ----A---- C:\Windows\system32\wups2.dll
2014-10-15 05:23:43 ----A---- C:\Windows\system32\wups.dll
2014-10-15 05:23:43 ----A---- C:\Windows\system32\wudriver.dll
2014-10-15 05:23:43 ----A---- C:\Windows\system32\wucltux.dll
2014-10-15 05:23:43 ----A---- C:\Windows\system32\wuauclt.exe
2014-10-15 05:23:43 ----A---- C:\Windows\system32\wuapp.exe
2014-10-15 05:23:01 ----A---- C:\Windows\system32\mshtml.dll
2014-10-15 05:23:00 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-10-15 05:22:55 ----A---- C:\Windows\system32\jscript9.dll
2014-10-15 05:22:54 ----A---- C:\Windows\system32\ieframe.dll
2014-10-15 05:22:53 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-10-15 05:22:52 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-10-15 05:22:52 ----A---- C:\Windows\system32\iertutil.dll
2014-10-15 05:22:51 ----A---- C:\Windows\system32\wininet.dll
2014-10-15 05:22:50 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-10-15 05:22:50 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-10-15 05:22:49 ----A---- C:\Windows\system32\urlmon.dll
2014-10-15 05:22:48 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-10-15 05:22:48 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-10-15 05:22:48 ----A---- C:\Windows\system32\msfeeds.dll
2014-10-15 05:22:47 ----A---- C:\Windows\system32\iedkcs32.dll
2014-10-15 05:22:46 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-10-15 05:22:46 ----A---- C:\Windows\system32\ie4uinit.exe
2014-10-15 05:22:45 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-10-15 05:22:45 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-10-15 05:22:45 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-10-15 05:22:45 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-10-15 05:22:45 ----A---- C:\Windows\system32\vbscript.dll
2014-10-15 05:22:45 ----A---- C:\Windows\system32\mshtmled.dll
2014-10-15 05:22:45 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-10-15 05:22:45 ----A---- C:\Windows\system32\jscript9diag.dll
2014-10-15 05:22:45 ----A---- C:\Windows\system32\ieapfltr.dll
2014-10-15 05:22:45 ----A---- C:\Windows\system32\dxtrans.dll
2014-10-15 05:22:44 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-10-15 05:22:37 ----A---- C:\Windows\SYSWOW64\rastls.dll
2014-10-15 05:22:37 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-10-15 05:22:37 ----A---- C:\Windows\system32\rastls.dll
2014-10-15 05:22:37 ----A---- C:\Windows\system32\packager.dll
2014-10-15 05:22:36 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-10-15 05:22:36 ----A---- C:\Windows\SYSWOW64\authui.dll
2014-10-15 05:22:36 ----A---- C:\Windows\system32\msi.dll
2014-10-15 05:22:36 ----A---- C:\Windows\system32\authui.dll
2014-10-15 05:22:36 ----A---- C:\Windows\system32\appinfo.dll
2014-10-07 20:50:23 ----A---- C:\Windows\system32\nvspcap64.dll
2014-10-07 20:50:22 ----A---- C:\Windows\SYSWOW64\nvspcap.dll
2014-10-07 16:24:33 ----D---- C:\Windows\SYSWOW64\directx
2014-10-03 16:04:24 ----D---- C:\Program Files\Microsoft.NET
2014-10-02 15:42:22 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2014-10-02 15:34:28 ----D---- C:\Program Files\Common Files\DESIGNER
2014-10-02 15:33:39 ----D---- C:\Program Files (x86)\Microsoft SQL Server
2014-10-02 15:31:46 ----D---- C:\Windows\PCHEALTH
2014-10-02 15:31:46 ----D---- C:\Program Files\Microsoft SQL Server
2014-10-02 15:29:08 ----D---- C:\Program Files\Microsoft Analysis Services
2014-10-02 15:29:07 ----D---- C:\Program Files (x86)\Microsoft Analysis Services
2014-10-02 15:28:48 ----D---- C:\Program Files (x86)\Microsoft Office
2014-10-02 15:28:21 ----D---- C:\Program Files\Microsoft Office
2014-10-02 15:28:02 ----RHD---- C:\MSOCache
2014-10-01 20:57:44 ----D---- C:\Users\Pavel\AppData\Roaming\Steam
2014-10-01 08:06:53 ----A---- C:\Windows\SYSWOW64\javaws.exe
2014-10-01 08:06:45 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-10-01 08:06:45 ----A---- C:\Windows\SYSWOW64\javaw.exe
2014-10-01 08:06:45 ----A---- C:\Windows\SYSWOW64\java.exe
2014-10-01 08:06:38 ----D---- C:\Program Files (x86)\Java
2014-09-26 19:17:33 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2014-09-25 08:52:17 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-09-21 00:11:56 ----D---- C:\Program Files (x86)\EPUB File Reader
2014-09-20 19:09:07 ----D---- C:\Users\Pavel\AppData\Roaming\Xfire
2014-09-20 19:09:00 ----D---- C:\ProgramData\Xfire
2014-09-20 19:08:58 ----D---- C:\Program Files (x86)\Xfire
2014-09-19 15:58:05 ----A---- C:\Windows\system32\nvdispgenco6434411.dll
2014-09-19 15:58:05 ----A---- C:\Windows\system32\nvdispco6434411.dll
2014-09-19 14:51:56 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2014-09-19 14:51:56 ----A---- C:\Windows\system32\nvaudcap64v.dll
2014-09-19 14:51:56 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2014-09-16 17:53:01 ----D---- C:\Program Files (x86)\Steam
2014-09-15 08:19:26 ----A---- C:\Windows\system32\WSDMon.dll
2014-09-15 08:19:25 ----A---- C:\Windows\system32\tcpmon.dll
2014-09-15 08:19:24 ----A---- C:\Windows\SYSWOW64\explorer.exe
2014-09-15 08:19:24 ----A---- C:\Windows\system32\uDWM.dll
2014-09-15 08:19:24 ----A---- C:\Windows\explorer.exe
2014-09-15 08:19:21 ----A---- C:\Windows\SYSWOW64\UXInit.dll
2014-09-15 08:19:21 ----A---- C:\Windows\SYSWOW64\actxprxy.dll
2014-09-15 08:19:21 ----A---- C:\Windows\system32\UXInit.dll
2014-09-15 08:19:21 ----A---- C:\Windows\system32\actxprxy.dll
2014-09-15 08:19:08 ----A---- C:\Windows\system32\Windows.UI.Xaml.dll
2014-09-15 08:19:04 ----A---- C:\Windows\SYSWOW64\Windows.UI.Xaml.dll
2014-09-15 08:19:01 ----A---- C:\Windows\system32\d3d10warp.dll
2014-09-15 08:18:57 ----A---- C:\Windows\system32\mfcore.dll
2014-09-15 08:18:56 ----A---- C:\Windows\SYSWOW64\mfcore.dll
2014-09-15 08:18:56 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2014-09-15 08:18:55 ----A---- C:\Windows\system32\wlansvc.dll
2014-09-15 08:18:55 ----A---- C:\Windows\system32\gpsvc.dll
2014-09-15 08:18:54 ----A---- C:\Windows\system32\workfolderssvc.dll
2014-09-15 08:18:54 ----A---- C:\Windows\system32\Windows.Media.dll
2014-09-15 08:18:52 ----A---- C:\Windows\SYSWOW64\Windows.Media.dll
2014-09-15 08:18:51 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2014-09-15 08:18:51 ----A---- C:\Windows\system32\WMVDECOD.DLL
2014-09-15 08:18:51 ----A---- C:\Windows\system32\drivers\srv.sys
2014-09-15 08:18:50 ----A---- C:\Windows\system32\SRH.dll
2014-09-15 08:18:50 ----A---- C:\Windows\system32\printui.dll
2014-09-15 08:18:50 ----A---- C:\Windows\system32\mfplat.dll
2014-09-15 08:18:50 ----A---- C:\Windows\system32\drivers\ntfs.sys
2014-09-15 08:18:49 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2014-09-15 08:18:49 ----A---- C:\Windows\system32\drivers\srv2.sys
2014-09-15 08:18:48 ----A---- C:\Windows\system32\XpsPrint.dll
2014-09-15 08:18:48 ----A---- C:\Windows\system32\netcfgx.dll
2014-09-15 08:18:48 ----A---- C:\Windows\system32\mispace.dll
2014-09-15 08:18:47 ----A---- C:\Windows\SYSWOW64\netcfgx.dll
2014-09-15 08:18:47 ----A---- C:\Windows\SYSWOW64\mispace.dll
2014-09-15 08:18:47 ----A---- C:\Windows\system32\WorkfoldersControl.dll
2014-09-15 08:18:47 ----A---- C:\Windows\system32\AppxPackaging.dll
2014-09-15 08:18:46 ----AC---- C:\Windows\system32\drivers\spaceport.sys
2014-09-15 08:18:46 ----A---- C:\Windows\SYSWOW64\SRH.dll
2014-09-15 08:18:46 ----A---- C:\Windows\SYSWOW64\printui.dll
2014-09-15 08:18:46 ----A---- C:\Windows\system32\wlanmsm.dll
2014-09-15 08:18:46 ----A---- C:\Windows\system32\srvsvc.dll
2014-09-15 08:18:46 ----A---- C:\Windows\system32\aclui.dll
2014-09-15 08:18:45 ----A---- C:\Windows\SYSWOW64\aclui.dll
2014-09-15 08:18:45 ----A---- C:\Windows\system32\spoolsv.exe
2014-09-15 08:18:45 ----A---- C:\Windows\system32\mfreadwrite.dll
2014-09-15 08:18:44 ----AC---- C:\Windows\system32\drivers\volsnap.sys
2014-09-15 08:18:44 ----AC---- C:\Windows\system32\drivers\usbccgp.sys
2014-09-15 08:18:44 ----A---- C:\Windows\SYSWOW64\wlanmsm.dll
2014-09-15 08:18:44 ----A---- C:\Windows\SYSWOW64\mfreadwrite.dll
2014-09-15 08:18:44 ----A---- C:\Windows\SYSWOW64\AppxPackaging.dll
2014-09-15 08:18:44 ----A---- C:\Windows\system32\SHCore.dll
2014-09-15 08:18:43 ----A---- C:\Windows\SYSWOW64\Windows.Devices.Bluetooth.dll
2014-09-15 08:18:42 ----A---- C:\Windows\SYSWOW64\SHCore.dll
2014-09-15 08:18:42 ----A---- C:\Windows\SYSWOW64\mftranscode.dll
2014-09-15 08:18:42 ----A---- C:\Windows\system32\storagewmi.dll
2014-09-15 08:18:42 ----A---- C:\Windows\system32\mftranscode.dll
2014-09-15 08:18:41 ----A---- C:\Windows\system32\usbmon.dll
2014-09-15 08:18:41 ----A---- C:\Windows\system32\comdlg32.dll
2014-09-15 08:18:41 ----A---- C:\Windows\system32\clusapi.dll
2014-09-15 08:18:40 ----A---- C:\Windows\system32\wisp.dll
2014-09-15 08:18:40 ----A---- C:\Windows\system32\winload.exe
2014-09-15 08:18:40 ----A---- C:\Windows\system32\WebClnt.dll
2014-09-15 08:18:40 ----A---- C:\Windows\system32\defragsvc.dll
2014-09-15 08:18:39 ----A---- C:\Windows\SYSWOW64\comdlg32.dll
2014-09-15 08:18:39 ----A---- C:\Windows\system32\wsecedit.dll
2014-09-15 08:18:39 ----A---- C:\Windows\system32\winresume.exe
2014-09-15 08:18:38 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2014-09-15 08:18:38 ----A---- C:\Windows\system32\user32.dll
2014-09-15 08:18:38 ----A---- C:\Windows\system32\profsvc.dll
2014-09-15 08:18:38 ----A---- C:\Windows\system32\drivers\srvnet.sys
2014-09-15 08:18:38 ----A---- C:\Windows\system32\drivers\nwifi.sys
2014-09-15 08:18:37 ----A---- C:\Windows\SYSWOW64\clusapi.dll
2014-09-15 08:18:37 ----A---- C:\Windows\system32\wpdbusenum.dll
2014-09-15 08:18:37 ----A---- C:\Windows\system32\winmmbase.dll
2014-09-15 08:18:37 ----A---- C:\Windows\system32\WiFiDisplay.dll
2014-09-15 08:18:36 ----AC---- C:\Windows\system32\drivers\usbhub.sys
2014-09-15 08:18:36 ----A---- C:\Windows\system32\rdpcorets.dll
2014-09-15 08:18:35 ----A---- C:\Windows\SYSWOW64\wlanapi.dll
2014-09-15 08:18:35 ----A---- C:\Windows\SYSWOW64\storagewmi.dll
2014-09-15 08:18:35 ----A---- C:\Windows\SYSWOW64\Display.dll
2014-09-15 08:18:35 ----A---- C:\Windows\system32\VAN.dll
2014-09-15 08:18:35 ----A---- C:\Windows\system32\SettingSync.dll
2014-09-15 08:18:35 ----A---- C:\Windows\system32\conhost.exe
2014-09-15 08:18:35 ----A---- C:\Windows\system32\AppxSip.dll
2014-09-15 08:18:34 ----A---- C:\Windows\SYSWOW64\winmmbase.dll
2014-09-15 08:18:34 ----A---- C:\Windows\system32\WorkFoldersGPExt.dll
2014-09-15 08:18:34 ----A---- C:\Windows\system32\SndVol.exe
2014-09-15 08:18:34 ----A---- C:\Windows\system32\Display.dll
2014-09-15 08:18:33 ----A---- C:\Windows\SYSWOW64\wisp.dll
2014-09-15 08:18:33 ----A---- C:\Windows\system32\osk.exe
2014-09-15 08:18:33 ----A---- C:\Windows\system32\drivers\IPMIDrv.sys
2014-09-15 08:18:32 ----A---- C:\Windows\system32\mfps.dll
2014-09-15 08:18:32 ----A---- C:\Windows\system32\drivers\ndis.sys
2014-09-15 08:18:32 ----A---- C:\Windows\system32\DafPrintProvider.dll
2014-09-15 08:18:32 ----A---- C:\Windows\system32\bcryptprimitives.dll
2014-09-15 08:18:31 ----AC---- C:\Windows\system32\drivers\hdaudbus.sys
2014-09-15 08:18:31 ----A---- C:\Windows\SYSWOW64\bcryptprimitives.dll
2014-09-15 08:18:31 ----A---- C:\Windows\system32\winmm.dll
2014-09-15 08:18:31 ----A---- C:\Windows\system32\drivers\NdisImPlatform.sys
2014-09-15 08:18:31 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2014-09-15 08:18:30 ----A---- C:\Windows\SYSWOW64\wsecedit.dll
2014-09-15 08:18:30 ----A---- C:\Windows\SYSWOW64\AppxSip.dll
2014-09-15 08:18:30 ----A---- C:\Windows\system32\Windows.Networking.dll
2014-09-15 08:18:30 ----A---- C:\Windows\system32\twinapi.dll
2014-09-15 08:18:30 ----A---- C:\Windows\system32\dwmapi.dll
2014-09-15 08:18:29 ----A---- C:\Windows\SYSWOW64\prnntfy.dll
2014-09-15 08:18:29 ----A---- C:\Windows\system32\WorkFoldersShell.dll
2014-09-15 08:18:29 ----A---- C:\Windows\system32\prnntfy.dll
2014-09-15 08:18:29 ----A---- C:\Windows\system32\gpedit.dll
2014-09-15 08:18:29 ----A---- C:\Windows\system32\GdiPlus.dll
2014-09-15 08:18:28 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2014-09-15 08:18:28 ----A---- C:\Windows\SYSWOW64\winmm.dll
2014-09-15 08:18:28 ----A---- C:\Windows\SYSWOW64\puiapi.dll
2014-09-15 08:18:28 ----A---- C:\Windows\system32\puiapi.dll
2014-09-15 08:18:28 ----A---- C:\Windows\system32\ppcsnap.dll
2014-09-15 08:18:27 ----A---- C:\Windows\SYSWOW64\SndVol.exe
2014-09-15 08:18:27 ----A---- C:\Windows\SYSWOW64\dwmapi.dll
2014-09-15 08:18:27 ----A---- C:\Windows\system32\iasnap.dll
2014-09-15 08:18:26 ----AC---- C:\Windows\system32\drivers\pci.sys
2014-09-15 08:18:26 ----A---- C:\Windows\SYSWOW64\VAN.dll
2014-09-15 08:18:25 ----A---- C:\Windows\system32\wcmcsp.dll
2014-09-15 08:18:25 ----A---- C:\Windows\system32\SystemSettingsAdminFlows.exe
2014-09-15 08:18:25 ----A---- C:\Windows\system32\stobject.dll
2014-09-15 08:18:25 ----A---- C:\Windows\system32\drivers\ks.sys
2014-09-15 08:18:25 ----A---- C:\Windows\system32\AppxSysprep.dll
2014-09-15 08:18:24 ----A---- C:\Windows\system32\wwanconn.dll
2014-09-15 08:18:24 ----A---- C:\Windows\system32\dab.dll
2014-09-15 08:18:23 ----A---- C:\Windows\SYSWOW64\iasnap.dll
2014-09-15 08:18:23 ----A---- C:\Windows\SYSWOW64\gpedit.dll
2014-09-15 08:18:23 ----A---- C:\Windows\system32\pmcsnap.dll
2014-09-15 08:18:22 ----A---- C:\Windows\SYSWOW64\rsaenh.dll
2014-09-15 08:18:22 ----A---- C:\Windows\system32\wlanapi.dll
2014-09-15 08:18:22 ----A---- C:\Windows\system32\rsaenh.dll
2014-09-15 08:18:22 ----A---- C:\Windows\system32\ActionCenter.dll
2014-09-15 08:18:19 ----A---- C:\Windows\SYSWOW64\osk.exe
2014-09-15 08:18:19 ----A---- C:\Windows\system32\wshbth.dll
2014-09-15 08:18:18 ----A---- C:\Windows\SYSWOW64\Windows.Networking.dll
2014-09-15 08:18:18 ----A---- C:\Windows\SYSWOW64\SettingSync.dll
2014-09-15 08:18:18 ----A---- C:\Windows\SYSWOW64\DafPrintProvider.dll
2014-09-15 08:18:18 ----A---- C:\Windows\system32\PrintDialogs.dll
2014-09-15 08:18:17 ----A---- C:\Windows\SYSWOW64\wshbth.dll
2014-09-15 08:18:17 ----A---- C:\Windows\system32\wlansvcpal.dll
2014-09-15 08:18:17 ----A---- C:\Windows\system32\Windows.Devices.Bluetooth.dll
2014-09-15 08:18:17 ----A---- C:\Windows\system32\browser.dll
2014-09-15 08:18:16 ----A---- C:\Windows\SYSWOW64\stobject.dll
2014-09-15 08:18:16 ----A---- C:\Windows\SYSWOW64\ActionCenter.dll
2014-09-15 08:18:15 ----A---- C:\Windows\SYSWOW64\wups.dll
2014-09-15 08:18:15 ----A---- C:\Windows\SYSWOW64\KBDRUM.DLL
2014-09-15 08:18:15 ----A---- C:\Windows\system32\KBDRUM.DLL
2014-09-15 08:18:15 ----A---- C:\Windows\system32\Defrag.exe
2014-09-15 08:18:14 ----A---- C:\Windows\SYSWOW64\GdiPlus.dll
2014-09-15 08:18:13 ----A---- C:\Windows\SYSWOW64\user32.dll
2014-09-15 08:18:13 ----A---- C:\Windows\system32\KBDYAK.DLL
2014-09-15 08:18:13 ----A---- C:\Windows\system32\KBDRU1.DLL
2014-09-15 08:18:13 ----A---- C:\Windows\system32\KBDRU.DLL
2014-09-15 08:18:13 ----A---- C:\Windows\system32\KBDBASH.DLL
2014-09-15 08:18:12 ----A---- C:\Windows\SYSWOW64\KBDYAK.DLL
2014-09-15 08:18:12 ----A---- C:\Windows\SYSWOW64\KBDRU1.DLL
2014-09-15 08:18:12 ----A---- C:\Windows\SYSWOW64\KBDRU.DLL
2014-09-15 08:18:12 ----A---- C:\Windows\SYSWOW64\KBDBASH.DLL
2014-09-15 08:18:12 ----A---- C:\Windows\system32\BluetoothApis.dll
2014-09-15 08:18:10 ----AC---- C:\Windows\system32\drivers\bthpan.sys
2014-09-15 08:18:10 ----A---- C:\Windows\SYSWOW64\PrintDialogs.dll
2014-09-15 08:18:09 ----A---- C:\Windows\SYSWOW64\KBDTAT.DLL
2014-09-15 08:18:09 ----A---- C:\Windows\system32\wwanmm.dll
2014-09-15 08:18:09 ----A---- C:\Windows\system32\SndVolSSO.dll
2014-09-15 08:18:09 ----A---- C:\Windows\system32\KBDTAT.DLL
2014-09-15 08:18:09 ----A---- C:\Windows\system32\compstui.dll
2014-09-15 08:18:08 ----A---- C:\Windows\SYSWOW64\BluetoothApis.dll
2014-09-15 08:18:08 ----A---- C:\Windows\system32\wlansec.dll
2014-09-15 08:18:08 ----A---- C:\Windows\system32\rdpudd.dll
2014-09-15 08:18:07 ----A---- C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2014-09-15 08:18:05 ----A---- C:\Windows\SYSWOW64\KBDTT102.DLL
2014-09-15 08:18:05 ----A---- C:\Windows\system32\KBDTT102.DLL
2014-09-14 08:02:28 ----D---- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-12 17:52:35 ----A---- C:\Windows\SYSWOW64\Wldap32.dll
2014-09-12 17:52:35 ----A---- C:\Windows\SYSWOW64\Windows.UI.Search.dll
2014-09-12 17:52:35 ----A---- C:\Windows\SYSWOW64\SearchFolder.dll
2014-09-12 17:52:35 ----A---- C:\Windows\SYSWOW64\propsys.dll
2014-09-12 17:52:35 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2014-09-12 17:52:34 ----AC---- C:\Windows\system32\drivers\USBHUB3.SYS
2014-09-12 17:52:34 ----AC---- C:\Windows\system32\drivers\bthport.sys
2014-09-12 17:52:34 ----A---- C:\Windows\SYSWOW64\WSShared.dll
2014-09-12 17:52:34 ----A---- C:\Windows\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-12 17:52:34 ----A---- C:\Windows\SYSWOW64\SkyDriveShell.dll
2014-09-12 17:52:34 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2014-09-12 17:52:34 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-09-12 17:52:34 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\WSShared.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\Wldap32.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\Windows.UI.Search.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\SystemEventsBrokerServer.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\SyncEngine.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\SkyDriveTelemetry.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\SkyDriveShell.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\SkyDrive.exe
2014-09-12 17:52:34 ----A---- C:\Windows\system32\SearchFolder.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\rdvidcrl.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\ProximityService.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\propsys.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\pcsvDevice.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\ntdll.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\mstscax.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\KernelBase.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\iphlpsvc.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\httpprxm.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\drivers\bridge.sys
2014-09-12 17:52:34 ----A---- C:\Windows\system32\bisrv.dll
2014-09-12 17:52:34 ----A---- C:\Windows\system32\adhsvc.dll
2014-09-12 17:51:30 ----A---- C:\Windows\system32\drivers\msgpioclx.sys
2014-09-11 07:43:42 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-11 07:43:42 ----A---- C:\Windows\system32\iernonce.dll
2014-09-11 07:43:42 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-09-11 07:43:40 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-09-11 07:43:40 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-09-11 07:43:40 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-09-11 07:43:40 ----A---- C:\Windows\system32\msrating.dll
2014-09-11 07:43:40 ----A---- C:\Windows\system32\jsproxy.dll
2014-09-11 07:43:40 ----A---- C:\Windows\system32\dxtmsft.dll
2014-09-11 07:43:39 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-09-11 07:43:39 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-09-11 07:43:39 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-09-11 07:43:39 ----A---- C:\Windows\system32\ieUnatt.exe
2014-09-11 07:43:39 ----A---- C:\Windows\system32\iesetup.dll
2014-09-11 07:43:38 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-09-11 07:43:38 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-09-11 07:43:38 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-09-11 07:43:38 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-09-11 07:43:38 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-09-11 07:25:29 ----A---- C:\Windows\system32\schedsvc.dll
2014-09-11 07:24:42 ----A---- C:\Windows\SYSWOW64\msvcr120_clr0400.dll
2014-09-11 07:24:42 ----A---- C:\Windows\system32\msvcr120_clr0400.dll
2014-08-14 01:16:18 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2014-08-14 01:16:18 ----A---- C:\Windows\SYSWOW64\dxgi.dll
2014-08-14 01:16:18 ----A---- C:\Windows\system32\rpcrt4.dll
2014-08-14 01:16:18 ----A---- C:\Windows\system32\dxgi.dll
2014-08-14 01:16:18 ----A---- C:\Windows\system32\dwmcore.dll
2014-08-14 01:16:17 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2014-08-14 01:15:30 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe
2014-08-14 01:15:30 ----A---- C:\Windows\system32\TsWpfWrp.exe
2014-08-14 01:15:26 ----A---- C:\Windows\system32\Wpc.dll
2014-08-14 01:15:25 ----A---- C:\Windows\SYSWOW64\Wpc.dll
2014-08-14 01:15:25 ----A---- C:\Windows\system32\WpcWebSync.dll
2014-08-14 01:15:25 ----A---- C:\Windows\system32\WpcMon.exe
2014-08-14 01:14:11 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2014-08-14 01:14:11 ----A---- C:\Windows\system32\msihnd.dll
2014-08-14 01:14:11 ----A---- C:\Windows\system32\consent.exe
2014-08-14 01:13:42 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2014-08-14 01:13:42 ----A---- C:\Windows\system32\gdi32.dll
2014-08-14 01:13:41 ----A---- C:\Windows\system32\MDMAgent.exe
2014-08-10 09:34:18 ----AC---- C:\Windows\system32\drivers\usbuhci.sys
2014-08-10 09:34:18 ----AC---- C:\Windows\system32\drivers\usbport.sys
2014-08-10 09:34:18 ----AC---- C:\Windows\system32\drivers\usbehci.sys
2014-08-10 09:34:18 ----AC---- C:\Windows\system32\drivers\usbd.sys
2014-08-10 09:34:18 ----A---- C:\Windows\SYSWOW64\gpprefcl.dll
2014-08-10 09:34:18 ----A---- C:\Windows\SYSWOW64\DaOtpCredentialProvider.dll
2014-08-10 09:34:18 ----A---- C:\Windows\system32\WUDFSvc.dll
2014-08-10 09:34:18 ----A---- C:\Windows\system32\WUDFPlatform.dll
2014-08-10 09:34:18 ----A---- C:\Windows\system32\WUDFHost.exe
2014-08-10 09:34:18 ----A---- C:\Windows\system32\hal.dll
2014-08-10 09:34:18 ----A---- C:\Windows\system32\gpprefcl.dll
2014-08-10 09:34:18 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2014-08-10 09:34:18 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2014-08-10 09:34:18 ----A---- C:\Windows\system32\DaOtpCredentialProvider.dll
2014-08-10 09:34:18 ----A---- C:\Windows\system32\cscui.dll
2014-07-30 16:00:17 ----A---- C:\Windows\system32\SET7FCD.tmp
2014-07-30 16:00:16 ----A---- C:\Windows\system32\SET73C2.tmp
2014-07-30 16:00:16 ----A---- C:\Windows\system32\SET6515.tmp
2014-07-30 16:00:16 ----A---- C:\Windows\system32\nvdispgenco6434052.dll
2014-07-30 16:00:16 ----A---- C:\Windows\system32\nvdispco6434052.dll
2014-07-28 14:52:00 ----A---- C:\Windows\system32\usbaaplrc.dll
2014-07-28 14:52:00 ----A---- C:\Windows\system32\drivers\usbaapl64.sys
======List of files/folders modified in the last 3 months======
2014-10-25 20:02:49 ----D---- C:\Program Files
2014-10-25 20:00:05 ----D---- C:\Windows\system32\sru
2014-10-25 19:53:18 ----RD---- C:\Windows\System32
2014-10-25 19:53:18 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-10-25 19:53:17 ----D---- C:\Windows\Inf
2014-10-25 19:49:15 ----D---- C:\Windows\Prefetch
2014-10-25 19:46:43 ----D---- C:\Windows
2014-10-25 19:31:48 ----D---- C:\Windows\debug
2014-10-25 19:14:10 ----D---- C:\Windows\Tasks
2014-10-25 19:14:10 ----D---- C:\Windows\system32\Tasks
2014-10-25 19:14:05 ----RD---- C:\Program Files (x86)
2014-10-25 19:13:55 ----D---- C:\Windows\SysWOW64
2014-10-25 19:13:53 ----HD---- C:\ProgramData
2014-10-25 18:08:54 ----D---- C:\Windows\system32\drivers\etc
2014-10-25 14:33:02 ----D---- C:\Windows\system32\drivers
2014-10-25 14:32:31 ----D---- C:\Program Files\Common Files\System
2014-10-25 12:52:23 ----D---- C:\Users\Pavel\AppData\Roaming\vlc
2014-10-25 12:29:01 ----SD---- C:\ProgramData\Microsoft
2014-10-25 11:40:02 ----D---- C:\Windows\system32\catroot2
2014-10-25 11:00:57 ----D---- C:\ProgramData\IObit
2014-10-25 10:57:11 ----D---- C:\Windows\SoftwareDistribution
2014-10-25 10:55:44 ----D---- C:\Windows\system32\wdi
2014-10-25 10:52:01 ----SHD---- C:\Windows\Installer
2014-10-25 10:51:46 ----D---- C:\Program Files (x86)\WinRAR
2014-10-25 10:47:04 ----D---- C:\Windows\system32\config
2014-10-25 10:25:22 ----D---- C:\Windows\rescache
2014-10-25 10:18:10 ----D---- C:\Windows\Microsoft.NET
2014-10-25 10:03:40 ----D---- C:\Windows\WinSxS
2014-10-25 10:02:15 ----D---- C:\Windows\system32\DriverStore
2014-10-25 10:01:04 ----D---- C:\Windows\CbsTemp
2014-10-25 09:50:14 ----RD---- C:\Windows\ToastData
2014-10-25 09:50:14 ----RD---- C:\Windows\ImmersiveControlPanel
2014-10-25 09:50:14 ----D---- C:\Windows\apppatch
2014-10-25 09:49:33 ----SHD---- C:\System Volume Information
2014-10-25 09:45:06 ----D---- C:\Users\Pavel\AppData\Roaming\Winamp
2014-10-25 09:38:12 ----D---- C:\Users\Pavel\AppData\Roaming\uTorrent
2014-10-23 19:21:15 ----D---- C:\ProgramData\NVIDIA
2014-10-22 21:16:17 ----SD---- C:\Users\Pavel\AppData\Roaming\Microsoft
2014-10-21 11:31:17 ----D---- C:\Windows\AppReadiness
2014-10-21 11:31:16 ----HD---- C:\Program Files\WindowsApps
2014-10-20 16:08:00 ----D---- C:\Program Files\Common Files\Apple
2014-10-20 04:34:55 ----RSD---- C:\Windows\assembly
2014-10-19 19:51:10 ----D---- C:\ProgramData\Microsoft Help
2014-10-18 17:45:55 ----D---- C:\Windows\MediaViewer
2014-10-18 17:45:55 ----D---- C:\Windows\FileManager
2014-10-18 17:45:55 ----D---- C:\Windows\Camera
2014-10-18 17:45:53 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-10-18 17:45:53 ----D---- C:\Program Files\Internet Explorer
2014-10-18 17:45:53 ----D---- C:\Program Files (x86)\Internet Explorer
2014-10-18 17:45:52 ----D---- C:\Windows\system32\cs-CZ
2014-10-17 23:48:47 ----D---- C:\Program Files (x86)\Common Files
2014-10-16 16:11:40 ----A---- C:\Windows\system32\nvsvc64.dll
2014-10-16 16:11:40 ----A---- C:\Windows\system32\nvcpl.dll
2014-10-16 16:11:36 ----A---- C:\Windows\system32\nvvsvc.exe
2014-10-16 16:11:36 ----A---- C:\Windows\system32\nvsvcr.dll
2014-10-16 16:11:36 ----A---- C:\Windows\system32\nvmctray.dll
2014-10-16 16:11:36 ----A---- C:\Windows\system32\nv3dappshext.dll
2014-10-15 05:45:07 ----A---- C:\Windows\win.ini
2014-10-15 05:42:54 ----D---- C:\Windows\system32\MRT
2014-10-15 05:39:40 ----A---- C:\Windows\system32\MRT.exe
2014-10-15 05:38:45 ----RSD---- C:\Windows\Fonts
2014-10-13 17:59:34 ----D---- C:\Program Files (x86)\Origin Games
2014-10-10 18:37:32 ----D---- C:\ProgramData\Origin
2014-10-10 18:06:58 ----D---- C:\Users\Pavel\AppData\Roaming\NVIDIA
2014-10-10 18:06:40 ----D---- C:\Program Files (x86)\Origin
2014-10-09 15:33:21 ----D---- C:\Windows\Logs
2014-10-04 08:42:47 ----A---- C:\Windows\SYSWOW64\nvspbridge.dll
2014-10-04 08:41:43 ----A---- C:\Windows\system32\nvspbridge64.dll
2014-10-03 16:04:24 ----D---- C:\Program Files (x86)\Microsoft.NET
2014-10-03 16:04:23 ----D---- C:\Program Files\Common Files\microsoft shared
2014-10-02 15:41:39 ----D---- C:\Windows\ShellNew
2014-10-02 15:34:28 ----D---- C:\Program Files\Common Files
2014-10-02 15:33:09 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2014-10-02 15:21:46 ----D---- C:\Program Files (x86)\MSBuild
2014-10-01 08:07:04 ----D---- C:\ProgramData\Oracle
2014-09-29 13:02:22 ----D---- C:\Program Files\CCleaner
2014-09-26 19:12:19 ----D---- C:\Program Files (x86)\Battlelog Web Plugins
2014-09-26 19:01:33 ----D---- C:\Users\Pavel\AppData\Roaming\Origin
2014-09-21 20:19:40 ----D---- C:\Windows\system32\NDF
2014-09-20 09:04:08 ----D---- C:\Windows\SYSWOW64\wbem
2014-09-20 09:04:08 ----D---- C:\Windows\SYSWOW64\setup
2014-09-20 09:04:08 ----D---- C:\Windows\system32\wbem
2014-09-20 09:04:08 ----D---- C:\Windows\system32\setup
2014-09-20 09:04:08 ----D---- C:\Windows\system32\oobe
2014-09-20 09:04:08 ----D---- C:\Windows\system32\drivers\cs-CZ
2014-09-20 09:04:08 ----D---- C:\Windows\system32\Boot
2014-09-20 09:04:08 ----D---- C:\Windows\PolicyDefinitions
2014-09-20 09:04:08 ----D---- C:\Program Files\Windows Journal
2014-09-20 09:04:07 ----D---- C:\Windows\SYSWOW64\InputMethod
2014-09-19 20:37:25 ----D---- C:\Windows\LiveKernelReports
2014-09-19 18:28:21 ----D---- C:\Users\Pavel\AppData\Roaming\Apple Computer
2014-09-19 16:00:32 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2014-09-19 15:47:06 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-19 14:52:57 ----D---- C:\Program Files\NVIDIA Corporation
2014-09-14 08:00:06 ----D---- C:\Windows\system32\catroot
2014-09-12 17:56:14 ----D---- C:\Windows\WinStore
2014-09-12 17:56:13 ----D---- C:\Windows\SYSWOW64\migration
2014-09-12 17:56:13 ----D---- C:\Windows\system32\migration
2014-09-12 17:52:34 ----A---- C:\Windows\SYSWOW64\PrintConfig.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-07-05 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-07-05 224896]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2014-10-16 30408]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-07-05 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-07-05 1041168]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-07-05 427360]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2013-10-23 129944]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-07-05 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-07-05 79184]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-07-05 92008]
R3 athr;@oem23.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athwbx.sys [2013-08-14 3837440]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2014-01-28 593000]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\Windows\System32\drivers\BthEnum.sys [2013-08-22 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\System32\drivers\BthLEEnum.sys [2013-12-04 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2014-07-24 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2014-01-31 81920]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 HIDSwitch;@oem2.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control; C:\Windows\System32\drivers\AsHIDSwitch64.sys [2013-11-04 20280]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2013-10-01 4177920]
R3 iwdbus;@oem10.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2013-08-23 26008]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2014-10-01 25816]
R3 MEIx64;@oem1.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\System32\drivers\HECIx64.sys [2012-07-17 62784]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2014-10-16 13190288]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-10-04 20288]
R3 nvvad_WaveExtensible;@oem24.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-09-04 38048]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2014-01-27 167424]
R3 RTL8168;@oem20.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2013-11-29 838872]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2013-08-28 34544]
R3 SynTP;@oem39.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2013-08-28 524528]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-08-22 212224]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2014-09-12 1200640]
S3 dg_ssudbus;@oem33.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 dot4;@oem29.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2012-10-19 151968]
S3 Dot4Print;@oem30.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; C:\Windows\System32\drivers\Dot4Prt.sys [2012-10-19 27040]
S3 dot4usb;@oem29.inf,%DOT4USB_NAME%;Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2012-10-19 49056]
S3 intaud_WaveExtensible;@oem9.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2013-08-23 39320]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2014-10-01 64216]
S3 ssudmdm;@oem34.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 tap0901;@oem4.inf,%DeviceDescription%;TAP-Windows Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2013-08-22 40664]
S3 USBAAPL64;@oem44.inf,%USBAAPL64.SvcDesc%;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2014-07-28 54784]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-08-22 44544]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-10-07 60744]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-07-05 50344]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2014-10-04 1149760]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-10-04 1796928]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-10-04 19440960]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-10-16 933064]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-06-28 76152]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-10-15 643880]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe []
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-10-01 968504]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-09 267440]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2013-10-01 279000]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-09-25 114288]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 178760]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-09-23 833728]
S4 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-10-01 1871160]
-----------------EOF-----------------
Re: Log check
- Save OTM to your desktop - http://oldtimer.geekstogo.com/OTM.exe,
- close all programs,
- right-click the OTM.exe icon and choose Run as administrator (on Win XP, just launch it with a double-click),
- copy the contents of the white box into the left-hand window of OTM and click MoveIt!
- after the restart, post the log, which will be in C:\_OTM\MovedFiles\mmddyyyy_hhmmss.log
Code:
:commands
[Purity]
[EmptyTemp]
[EmptyFlash]
[EmptyJava]
[ResetHosts]
[CreateRestorePoint]
:services
LiveUpdateSvc
SkypeUpdate
:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp /s
C:\Windows\zoek-delete.exe
C:\zoek-results.log
C:\zoek_backup
%userprofile%\Desktop\zoek.exe
C:\ProgramData\IObit
C:\ProgramData\Spybot - Search & Destroy
C:\Users\Pavel\AppData\Roaming\MSMFS.exe
C:\Users\Pavel\AppData\Roaming\PGBUATNB.exe
C:\ProgramData\ShopperPro
C:\Users\Pavel\AppData\Roaming\EYSKI.exe
C:\Users\Pavel\AppData\Roaming\OTWLPAX.exe
C:\Program Files (x86)\globalUpdate
:reg
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"PWRISOVM.EXE"=-
"SunJavaUpdateSched"=-
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that do not belong on the forum, you can use altrokzavináčforum.viry.cz
If you would like to help visitors to this forum, join our training school.
Re: Log check
All processes killed
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Pavel
->Temp folder emptied: 2038226 bytes
->Temporary Internet Files folder emptied: 863365 bytes
->Java cache emptied: 8196 bytes
->FireFox cache emptied: 32909436 bytes
->Flash cache emptied: 626 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 18431272 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 42 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 52,00 mb
[EMPTYFLASH]
User: All Users
User: Default
User: Default User
User: Pavel
->Flash cache emptied: 0 bytes
User: Public
Total Flash Files Cleaned = 0,00 mb
[EMPTYJAVA]
User: All Users
User: Default
User: Default User
User: Pavel
->Java cache emptied: 0 bytes
User: Public
Total Java Files Cleaned = 0,00 mb
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTM Restore Point
========== SERVICES/DRIVERS ==========
Service LiveUpdateSvc stopped successfully!
Service LiveUpdateSvc deleted successfully!
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
C:\Windows\zoek-delete.exe moved successfully.
File/Folder C:\zoek-results.log not found.
File/Folder C:\zoek_backup not found.
File/Folder C:\Users\Pavel\Desktop\zoek.exe not found.
C:\ProgramData\IObit\IObit Uninstaller folder moved successfully.
C:\ProgramData\IObit\ASCDownloader folder moved successfully.
C:\ProgramData\IObit\Advanced SystemCare V7\Homepage Protection folder moved successfully.
C:\ProgramData\IObit\Advanced SystemCare V7 folder moved successfully.
C:\ProgramData\IObit\Advanced SystemCare V6 folder moved successfully.
C:\ProgramData\IObit folder moved successfully.
C:\ProgramData\Spybot - Search & Destroy\Quarantine folder moved successfully.
C:\ProgramData\Spybot - Search & Destroy\Logs folder moved successfully.
C:\ProgramData\Spybot - Search & Destroy\Ignore folder moved successfully.
C:\ProgramData\Spybot - Search & Destroy\Cleaning folder moved successfully.
C:\ProgramData\Spybot - Search & Destroy folder moved successfully.
File/Folder C:\Users\Pavel\AppData\Roaming\MSMFS.exe not found.
File/Folder C:\Users\Pavel\AppData\Roaming\PGBUATNB.exe not found.
File/Folder C:\ProgramData\ShopperPro not found.
File/Folder C:\Users\Pavel\AppData\Roaming\EYSKI.exe not found.
File/Folder C:\Users\Pavel\AppData\Roaming\OTWLPAX.exe not found.
File/Folder C:\Program Files (x86)\globalUpdate not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\PWRISOVM.EXE deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
OTM by OldTimer - Version 3.1.21.0 log created on 10252014_215308
Files moved on Reboot...
C:\Users\Pavel\AppData\Local\Microsoft\Windows\INetCache\counters.dat moved successfully.
File move failed. C:\Windows\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.
Registry entries deleted on Reboot...
Re: Log check
Excellent, so now let's clean up as well.
- Download and run DelFix - https://toolslib.net/downloads/viewdownload/2-delfix/
- Check only the "Remove disinfection tools" option
- click Run
Re: Log check
Thank you very much for the help :) but still, when I'm on the internet for a while, the whole system slows down terribly :/ I have no idea why.
Re: Log check
Which programs are running when you notice the slowdown?
Does it happen in all browsers?
Since when have you noticed this slowdown?
Post the log following my colleague's instructions
Rudy wrote: Download, install and run CrystalDiskInfo: http://www.stahuj.centrum.cz/utility_a_ ... ldiskinfo/ and post the log here via Úpravy > Kopírovat (Edit > Copy).
Re: Log check
It happens when I start Firefox. And since today, roughly since I installed microsoft toolkit 2.5.5. It also installed some spam for me - ge-force, shopping, ytdownloader and something else. I'll post the log here in a moment.
Re: Log check
----------------------------------------------------------------------------
CrystalDiskInfo 6.2.1 (C) 2008-2014 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows 8.1 Pro [6.3 Build 9600] (x64)
Date : 2014/10/25 22:29:56
-- Controller Map ----------------------------------------------------------
+ Standardní řadič SATA AHCI [ATA]
- ST750LM022 HN-M750MBB
- MATSHITA DVD-RAM UJ8C2 S
- Řadič prostorů úložišť [SCSI]
-- Disk List ---------------------------------------------------------------
(1) ST750LM022 HN-M750MBB : 750,1 GB [0/0/0, pd1] - st
----------------------------------------------------------------------------
(1) ST750LM022 HN-M750MBB
----------------------------------------------------------------------------
Model : ST750LM022 HN-M750MBB
Firmware : 2AR20002
Serial Number : S2Y7J9CDA04814
Disk Size : 750,1 GB (8,4/137,4/750,1/750,1)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 1465149168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 6
Transfer Mode : SATA/300 | SATA/300
Power On Hours : 6111 hod.
Power On Count : 344 krát
Temperature : 40 C (104 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 0080h [OFF]
AAM Level : FE00h [OFF]
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _51 000000000012 Počet chyb čtení
02 252 252 __0 000000000000 Průchodnost disku
03 _90 _89 _25 000000000BF7 Čas na roztočení ploten
04 100 100 __0 000000000157 Počet spuštění/zastavení
05 252 252 _10 000000000000 Počet přemapovaných sektorů
07 252 252 _51 000000000000 Počet chybných hledání
08 252 252 _15 000000000000 Čas potřebný na vyhledání
09 100 100 __0 0000000017DF Hodin v činnosti
0A 252 252 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0C 100 100 __0 000000000158 Počet cyklů zapnutí zařízení
BF 100 100 __0 000000000137 Počet udalostí zaznamenaných otřesovým senzorem
C0 252 252 __0 000000000000 Počet vypnutí disku
C2 _60 _54 __0 002F000F0028 Teplota
C3 100 100 __0 000000000000 Počet oprav chybného čtení
C4 252 252 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 252 100 __0 000000000000 Počet podezřelých sektorů
C6 252 252 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 100 __0 0000000005DE Počet chyb při zápisu sektorů
DF 100 100 __0 000000000086 Zatížení budiče magnetických hlav způsobené opakovanými úkony
E1 _71 _71 __0 000000049F2B Počet cyklů načítání/vymazání
Re: Log check
anubys wrote: It happens when I start Firefox. And since today, roughly since I installed microsoft toolkit 2.5.5. It also installed some spam for me - ge-force, shopping, ytdownloader and something else. I'll post the log here in a moment.

It is exactly this and similar adware that we have just cleaned the computer of.

So, once again:

- close all programs,
- right-click the AdwCleaner icon and choose Run as administrator (on Win XP, just launch it with a double-click),
- click Scan, then Clean,
- after the restart a log will pop up (or you can find it in C:\AdwCleaner\AdwCleaner [Sx].txt); copy its contents into your next reply.
Re: Log check
# AdwCleaner v4.001 - Report created 25/10/2014 at 22:52:43
# DB v2014-10-23.2
# Updated 20/10/2014 by Xplode
# Operating System : Windows 8.1 Pro (64 bits)
# Username : Pavel - PAVEL-PC
# Running from : C:\Users\Pavel\Desktop\adwcleaner_4.001.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKCU\Software\Conduit
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17344
-\\ Mozilla Firefox v32.0.3 (x86 cs)
*************************
AdwCleaner[R0].txt - [803 octets] - [25/10/2014 22:52:38]
AdwCleaner[S0].txt - [679 octets] - [25/10/2014 22:52:43]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [738 octets] ##########
Re: Log check
Post the log from FRSTLauncher - http://forum.viry.cz/viewtopic.php?f=30&t=133101