Zdravím,
Tentokrát vám přináším totálně zaneřáděný notebook známého. Notebook je tak zasekaný a plný zbytečností že se seká i úvodní načítání Windows a to ani nemluvně kolik po dlouhém načtení notebooku vyskočí chybných hlášek nejrůznějších programů (Net Framework, Firefox, atd..).Ale nejhorší bylo spustit vůbec prohlížeč boj sám o sobě. Prosím vás nejen o odvirování ale i o vypnutí doslova všech programů které se zapínají spolu se systémem (aby se zapínali jen programy potřebné k chodu systému). Mimochodem vypnutí spouštění programů v CCleaneru se zná neučinné pořád se počítač zapíná s 85 procesy.
Logfile of random's system information tool 1.10 (written by random/random)
Run by Schwarzerovi at 2015-04-19 13:19:27
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 25 GB (5%) free of 464 GB
Total RAM: 3957 MB (67% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:19:38, on 19/04/2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
C:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\trend micro\Schwarzerovi.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: IE BHO Utility - {5AB7104A-B71F-49AD-9154-F7F8806AE848} - C:\Program Files (x86)\Surf Canyon\surfcanyon.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: SporTV Toolbar - {a298ed31-d405-40e2-880f-b7511948e582} - C:\Program Files (x86)\SporTV\tbSpor.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll
O2 - BHO: TheSea.TheSeaPlugin - {C585D593-E7F3-4852-A200-561686EE02E4} - mscoree.dll (file missing)
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll
O3 - Toolbar: SporTV Toolbar - {a298ed31-d405-40e2-880f-b7511948e582} - C:\Program Files (x86)\SporTV\tbSpor.dll
O3 - Toolbar: MP3 Rocket Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/v ... .2.5.3.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: ArcSoft Exchange Service (ADExchange) - ArcSoft, Inc. - C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe
O23 - Service: My Web Search Service (MyWebSearchService) - MyWebSearch.com - C:\PROGRA~2\MYWEBS~1\bar\1.bin\mwssvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: OKI Local Port Manager (OpLclSrv) - Oki Data Corporation - C:\Program Files\Okidata\Common\Extend3\portmgrsrv.exe
O23 - Service: PC Speed Up Service (PCSUService) - Unknown owner - C:\Program Files (x86)\PC Speed Up\PCSUService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Rapport Management Service (RapportMgmtService) - IBM Corp. - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: RealPlayer Cloud Service - RealNetworks, Inc. - c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
O23 - Service: RealPlayer Update Service (RealPlayerUpdateSvc) - Unknown owner - C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SupportSoft Sprocket Service (O2) (sprtsvc_O2) - SupportSoft, Inc. - C:\Program Files (x86)\O2\bin\sprtsvc.exe
O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files (x86)\Common Files\supportsoft\bin\ssrc.exe
O23 - Service: TurboBoost - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 14594 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files (x86)\PC Speed Up\PCSUService.exe"
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\LSI SoftModem\agr64svc.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"
"C:\Program Files (x86)\Acer\Registration\GregHSRW.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\PROGRA~2\MYWEBS~1\bar\1.bin\mwssvc.exe
"C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe"
"C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe"
"C:\Program Files\Okidata\Common\Extend3\portmgrsrv.exe"
"C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe"
"c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe"
"C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe"
"C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE"
"C:\Program Files (x86)\O2\bin\sprtsvc.exe" /service /p O2
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe"
WLIDSvcM.exe 2936
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
atieclxx
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\rundll32.exe aepdu.dll,AePduRunUpdate -nolegacy
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
taskeng.exe {3E8EC6E7-DB8C-4BBF-A3B0-B6879625E94D}
"C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe"
"C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe" -servicelaunch=true
"C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe" -services -injection-server
"C:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe" /RunWithOS
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
C:\Windows\system32\wbem\unsecapp.exe -Embedding
WicaInventory.exe /apps /fast /ext "exe,sys" /output "C:\Windows\TEMP\CompatTelemetryLogs\WICA_Programs_SCHWARZEROVI-PC.xml" /log "C:\Windows\TEMP\CompatTelemetryLogs" "C:\Windows\system32\CompatTel"
\??\C:\Windows\system32\conhost.exe "5079013292005311226-52177932-1513947094339530965914361741985316343336362753
"C:\Windows\system32\wuauclt.exe"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe8_ Global\UsGthrCtrlFltPipeMssGthrPipe8 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Users\TEMP.Schwarzerovi-PC\Downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\dsmonitor.job - C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\Norton Security Scan for Schwarzerovi.job - C:\PROGRA~2\NORTON~2\Engine\410~1.28\Nss.exe /scan-quick /scheduled
C:\Windows\tasks\PC SpeedUp Service Deactivator.job - C:\Program Files (x86)\PC Speed Up\PCSUSD.exe /dev0 /idle
C:\Windows\tasks\SDMsgUpdate (TE).job - C:\PROGRA~2\SMARTD~1\Messages\SDNotify.exe -PTE -V21000100 -SSDU.ini -A -Mhttp://www.smartdraw.com/msgs/messagecheck.aspx -D0 -T -N -X
=========Mozilla firefox=========
ProfilePath - C:\Users\TEMP.Schwarzerovi-PC\AppData\Roaming\Mozilla\Firefox\Profiles\gukmbpxb.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@mywebsearch.com/Plugin]
"Description"=My Web Search Plugin
"Path"=C:\Program Files (x86)\MyWebSearch\bar\1.bin\NPMyWebS.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=17.0.15.10]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=17.0.15]
"Description"=RealPlayer Video Downloader for HTML5 (32-bit)
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpplugin;version=17.0.15.10]
"Description"=RealPlayer Download Plugin
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
C:\Program Files (x86)\Mozilla Firefox\plugins\
nppdf32.dll
nppl3260.dll
nppl3260.xpt
nprpplugin.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealNetworks Download and Record Plugin for Internet Explorer - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2014-10-27 591432]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-10-18 553384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-10-02 612248]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-07 256456]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14 2117216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-10-18 210856]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealNetworks Download and Record Plugin for Internet Explorer - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2014-10-27 476744]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5AB7104A-B71F-49AD-9154-F7F8806AE848}]
Fast Search - C:\Program Files (x86)\Surf Canyon\surfcanyon.dll [2013-04-17 187352]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-21 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-10-02 457712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10 393600]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a298ed31-d405-40e2-880f-b7511948e582}]
SporTV Toolbar - C:\Program Files (x86)\SporTV\tbSpor.dll [2010-04-27 2393184]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-07 194504]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14 1709152]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
Vuze Remote Toolbar - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll [2010-03-09 2355224]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C585D593-E7F3-4852-A200-561686EE02E4}]
TheSea.TheSeaPlugin - C:\Windows\system32\mscoree.dll [2010-11-05 444752]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-02-28 1089288]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
MP3 Rocket Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2011-02-01 1487240]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-21 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-07 256456]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{ba14329e-9550-4989-b3f2-9732e92d17cc} - Vuze Remote Toolbar - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll [2010-03-09 2355224]
{a298ed31-d405-40e2-880f-b7511948e582} - SporTV Toolbar - C:\Program Files (x86)\SporTV\tbSpor.dll [2010-04-27 2393184]
{D4027C7F-154A-4066-A1AD-4243D8127440} - MP3 Rocket Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2011-02-01 1487240]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-02-28 1089288]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-07 194504]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Network Configuration"=C:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe [2011-10-20 723936]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer ePower Management]
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2009-09-30 823840]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AmIcoSinglun64]
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-07-23 323072]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-10-11 60712]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcadeDeluxeAgent]
C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [2009-10-29 419112]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoStartNPSAgent]
C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe [2010-07-04 95576]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avast]
C:\Program Files\AVAST Software\Avast\avastUI.exe [2014-10-02 4085896]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BackupManagerTray]
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2009-09-25 261888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2011-03-21 1230704]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EgisTecLiveUpdate]
C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [2009-08-04 199464]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-05 186904]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-10-15 157480]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
C:\Program Files (x86)\Launch Manager\LManager.exe [2009-11-02 1094736]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2010-11-10 4240760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mwlDaemon]
C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [2009-09-11 349480]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NortonOnlineBackupReminder]
C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe UNATTENDED []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\O2]
C:\Program Files (x86)\O2\bin\sprtcmd.exe [2009-03-04 202016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlayMovie]
C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [2009-11-12 181480]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PLFSetI]
C:\Windows\PLFSetI.exe [2010-01-08 200704]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealDownloader]
C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [2014-10-29 560192]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-10-29 8312352]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmileboxTray]
C:\Users\Schwarzerovi\AppData\Roaming\Smilebox\SmileboxTray.exe [2010-08-10 304448]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-12-10 98304]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Java\jre1.6.0_01\bin\jusched.exe [2007-03-14 83608]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-11-05 39408]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-09-18 1842472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe -osboot []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^MP3 Rocket (Minimized).lnk]
C:\Program Files (x86)\MP3 Rocket\MP3Rocket.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^OKI LPR Utility.lnk]
C:\Program Files\Okidata\OKI LPR Utility\okilpr.exe [2011-10-20 260144]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Printkey2000.lnk]
C:\Program Files (x86)\PrintKey2000\Printkey2000.exe [1999-09-30 869376]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^RealPlayer Cloud Service UI.lnk]
C:\Program Files (x86)\real\realplayer\RPDS\Bin64\rpsystray.exe [2014-11-27 1024608]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Schwarzerovi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
C:\PROGRA~2\MICROS~2\Office12\ONENOTEM.EXE [2009-02-26 97680]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NPSStartup"= []
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-10-02 4085896]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SprtListen]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SprtListenPush]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SupportSoft RemoteAssist]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-04-19 13:19:27 ----D---- C:\rsit
2015-04-19 13:19:27 ----D---- C:\Program Files\trend micro
2015-04-19 12:59:44 ----D---- C:\Users\TEMP.Schwarzerovi-PC\AppData\Roaming\Mozilla
2015-04-19 12:48:16 ----D---- C:\Users\TEMP.Schwarzerovi-PC\AppData\Roaming\AVAST Software
2015-04-19 12:48:06 ----D---- C:\Users\TEMP.Schwarzerovi-PC\AppData\Roaming\OkiData
2015-04-19 12:48:06 ----D---- C:\Users\TEMP.Schwarzerovi-PC\AppData\Roaming\Macromedia
2015-04-19 12:47:10 ----D---- C:\Users\TEMP.Schwarzerovi-PC\AppData\Roaming\Adobe
2015-04-19 12:46:28 ----D---- C:\Users\TEMP.Schwarzerovi-PC\AppData\Roaming\Identities
2015-04-19 12:45:50 ----D---- C:\Users\TEMP.Schwarzerovi-PC\AppData\Roaming\Uniblue
2015-04-19 12:45:49 ----D---- C:\Users\TEMP.Schwarzerovi-PC\AppData\Roaming\RealNetworks
2015-04-19 12:45:49 ----D---- C:\Users\TEMP.Schwarzerovi-PC\AppData\Roaming\Real
2015-04-19 12:45:30 ----SD---- C:\Users\TEMP.Schwarzerovi-PC\AppData\Roaming\Microsoft
2015-04-19 12:45:30 ----D---- C:\Users\TEMP.Schwarzerovi-PC\AppData\Roaming\Trusteer
2015-04-19 12:45:30 ----D---- C:\Users\TEMP.Schwarzerovi-PC\AppData\Roaming\Media Center Programs
2015-04-19 12:31:19 ----A---- C:\Windows\ntbtlog.txt
2015-04-14 23:31:41 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-04-14 23:31:41 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-04-14 23:31:41 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-04-14 23:31:41 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-04-14 23:31:41 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-04-14 23:31:41 ----A---- C:\Windows\system32\wuwebv.dll
2015-04-14 23:31:41 ----A---- C:\Windows\system32\wups2.dll
2015-04-14 23:31:41 ----A---- C:\Windows\system32\wups.dll
2015-04-14 23:31:41 ----A---- C:\Windows\system32\wudriver.dll
2015-04-14 23:31:41 ----A---- C:\Windows\system32\wucltux.dll
2015-04-14 23:31:41 ----A---- C:\Windows\system32\wuaueng.dll
2015-04-14 23:31:41 ----A---- C:\Windows\system32\wuauclt.exe
2015-04-14 23:31:41 ----A---- C:\Windows\system32\wuapp.exe
2015-04-14 23:31:41 ----A---- C:\Windows\system32\wuapi.dll
2015-04-14 23:31:41 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-04-14 23:31:41 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-04-14 23:31:34 ----A---- C:\Windows\system32\invagent.dll
2015-04-14 23:31:34 ----A---- C:\Windows\system32\generaltel.dll
2015-04-14 23:31:34 ----A---- C:\Windows\system32\devinv.dll
2015-04-14 23:31:34 ----A---- C:\Windows\system32\appraiser.dll
2015-04-14 23:31:34 ----A---- C:\Windows\system32\aeinv.dll
2015-04-14 23:31:34 ----A---- C:\Windows\system32\acmigration.dll
2015-04-14 23:31:33 ----A---- C:\Windows\system32\aepic.dll
2015-04-14 23:31:33 ----A---- C:\Windows\system32\aepdu.dll
2015-04-14 23:31:32 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2015-04-14 23:31:32 ----A---- C:\Windows\system32\gdi32.dll
2015-04-14 23:31:31 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-04-14 23:31:31 ----A---- C:\Windows\system32\msxml3.dll
2015-04-14 23:31:30 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-04-14 23:31:30 ----A---- C:\Windows\system32\msxml3r.dll
2015-04-14 23:30:34 ----A---- C:\Windows\system32\drivers\http.sys
2015-04-14 23:30:28 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-04-14 23:30:28 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-04-14 23:30:28 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-04-14 23:30:28 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-04-14 23:30:28 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-04-14 23:30:27 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-04-14 23:30:26 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-04-14 23:30:26 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-04-14 23:30:26 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-04-14 23:30:26 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-04-14 23:30:26 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-04-14 23:30:26 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-04-14 23:30:26 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-14 23:30:26 ----A---- C:\Windows\system32\iernonce.dll
2015-04-14 23:30:26 ----A---- C:\Windows\system32\ie4uinit.exe
2015-04-14 23:30:25 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-04-14 23:30:25 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-04-14 23:30:25 ----A---- C:\Windows\system32\iedkcs32.dll
2015-04-14 23:30:24 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-04-14 23:30:24 ----A---- C:\Windows\system32\urlmon.dll
2015-04-14 23:30:23 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-04-14 23:30:23 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-04-14 23:30:23 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-04-14 23:30:23 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-04-14 23:30:22 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-14 23:30:21 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-04-14 23:30:21 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-04-14 23:30:21 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-04-14 23:30:21 ----A---- C:\Windows\system32\msfeeds.dll
2015-04-14 23:30:21 ----A---- C:\Windows\system32\dxtrans.dll
2015-04-14 23:30:20 ----A---- C:\Windows\system32\iesetup.dll
2015-04-14 23:30:20 ----A---- C:\Windows\system32\ieapfltr.dll
2015-04-14 23:30:19 ----A---- C:\Windows\system32\iertutil.dll
2015-04-14 23:30:18 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-04-14 23:30:18 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-04-14 23:30:18 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-04-14 23:30:17 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-04-14 23:30:17 ----A---- C:\Windows\system32\jsproxy.dll
2015-04-14 23:30:17 ----A---- C:\Windows\system32\ieUnatt.exe
2015-04-14 23:30:16 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-04-14 23:30:15 ----A---- C:\Windows\system32\mshtmled.dll
2015-04-14 23:30:15 ----A---- C:\Windows\system32\ieui.dll
2015-04-14 23:30:15 ----A---- C:\Windows\system32\ieframe.dll
2015-04-14 23:30:15 ----A---- C:\Windows\system32\dxtmsft.dll
2015-04-14 23:30:14 ----A---- C:\Windows\system32\wininet.dll
2015-04-14 23:30:14 ----A---- C:\Windows\system32\vbscript.dll
2015-04-14 23:30:14 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-04-14 23:30:14 ----A---- C:\Windows\system32\jscript9diag.dll
2015-04-14 23:30:14 ----A---- C:\Windows\system32\jscript9.dll
2015-04-14 23:30:13 ----A---- C:\Windows\system32\msrating.dll
2015-04-14 23:30:13 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-04-14 23:30:12 ----A---- C:\Windows\system32\mshtml.dll
2015-04-14 23:29:36 ----A---- C:\Windows\SYSWOW64\clfsw32.dll
2015-04-14 23:29:36 ----A---- C:\Windows\system32\clfsw32.dll
2015-04-14 23:29:36 ----A---- C:\Windows\system32\clfs.sys
2015-04-14 00:03:48 ----D---- C:\AVAST Software
2015-04-10 16:50:35 ----SD---- C:\Windows\SYSWOW64\GWX
2015-04-10 16:50:34 ----SD---- C:\Windows\system32\GWX
======List of files/folders modified in the last 1 month======
2015-04-19 13:19:31 ----D---- C:\Windows\Temp
2015-04-19 13:19:27 ----D---- C:\Program Files
2015-04-19 13:13:13 ----D---- C:\Windows\system32\config
2015-04-19 13:05:08 ----SHD---- C:\System Volume Information
2015-04-19 12:48:56 ----D---- C:\Windows\SysWOW64
2015-04-19 12:48:50 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-04-19 12:47:38 ----D---- C:\Windows\system32\Tasks
2015-04-19 12:47:38 ----D---- C:\Program Files (x86)\PC Speed Up
2015-04-19 12:45:27 ----RD---- C:\Users
2015-04-19 12:38:49 ----D---- C:\Windows\winsxs
2015-04-19 12:38:34 ----A---- C:\Windows\SYSWOW64\log.txt
2015-04-19 12:33:05 ----AD---- C:\Windows
2015-04-19 12:31:39 ----D---- C:\Windows\SYSWOW64\en-US
2015-04-19 12:31:39 ----D---- C:\Windows\PolicyDefinitions
2015-04-19 12:31:38 ----D---- C:\Windows\system32\en-US
2015-04-19 12:31:38 ----D---- C:\Windows\System32
2015-04-19 12:31:37 ----SD---- C:\Windows\system32\CompatTel
2015-04-19 12:31:37 ----D---- C:\Windows\system32\appraiser
2015-04-19 12:31:36 ----D---- C:\Windows\AppPatch
2015-04-19 12:31:34 ----D---- C:\Windows\system32\drivers
2015-04-19 12:31:34 ----D---- C:\Program Files\Internet Explorer
2015-04-19 12:31:26 ----D---- C:\Program Files (x86)\Internet Explorer
2015-04-19 12:21:29 ----SHD---- C:\Windows\Installer
2015-04-19 12:21:28 ----SHD---- C:\Config.Msi
2015-04-19 12:09:44 ----D---- C:\Windows\Microsoft.NET
2015-04-17 07:57:24 ----D---- C:\ProgramData\Microsoft Help
2015-04-16 18:45:01 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-04-16 18:44:55 ----D---- C:\Windows\inf
2015-04-16 18:43:42 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-04-16 17:17:36 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-04-16 17:17:22 ----D---- C:\ProgramData\Skype
2015-04-16 17:11:13 ----RD---- C:\Program Files (x86)\Skype
2015-04-15 21:03:58 ----D---- C:\Windows\system32\MRT
2015-04-15 21:03:42 ----D---- C:\Windows\debug
2015-04-15 21:01:49 ----A---- C:\Windows\system32\MRT.exe
2015-04-14 23:47:06 ----D---- C:\Windows\Minidump
2015-04-14 23:47:06 ----D---- C:\Windows\Logs
2015-04-14 23:25:56 ----D---- C:\Windows\system32\catroot2
2015-04-13 21:01:00 ----D---- C:\Windows\pss
2015-04-13 20:41:16 ----D---- C:\Windows\Prefetch
2015-03-26 20:58:11 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-26 20:56:57 ----D---- C:\Windows\system32\wbem
2015-03-26 20:56:07 ----D---- C:\ProgramData\GameXN
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-10-02 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-10-02 224896]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-05 408600]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-10-02 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-11-22 1041168]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-10-02 427360]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2014-12-14 487216]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-03 22576]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-03 20016]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-03 60464]
R1 RapportCerberus_80128;RapportCerberus_80128; \??\C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_80128.sys [2015-03-05 844440]
R1 RapportEI64;RapportEI64; \??\C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [2015-03-11 445816]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-10-02 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-10-02 79184]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-10-02 92008]
R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys [2009-11-02 13784]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-08-13 1209856]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-11-06 1550848]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-12-10 6179328]
R3 DKbFltr;Dritek Keyboard Filter Driver (64-bit); C:\Windows\SysWOW64\Drivers\DKbFltr.sys [2009-03-26 25608]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2009-10-26 151936]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-10-28 2018080]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2009-08-06 320040]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2009-05-06 18432]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2009-06-25 205472]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-09-18 292912]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2009-05-06 16896]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R4 RapportIaso;RapportIaso; \??\c:\programdata\trusteer\rapport\store\exts\rapportms\baseline\rapportiaso64.sys [2015-03-05 425752]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-07-23 40448]
S3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2009-06-10 1311232]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20); C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-06-20 54272]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2007-09-17 29184]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RapportKE64;RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [2015-03-11 535576]
S3 RapportPG64;RapportPG64; \??\C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [2015-03-11 558872]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2010-04-27 127488]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2010-04-27 18944]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2010-04-27 161280]
S3 TFsExDisk;TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys [2010-06-14 16448]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 usb_rndisx;USB RNDIS Adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2014-08-16 54784]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ADExchange;ArcSoft Exchange Service; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [2013-10-24 44736]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agr64svc.exe [2009-03-28 16896]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-12-10 202752]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-10-07 60744]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-10-02 50344]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2009-09-30 844320]
R2 Greg_Service;GRegService; C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-05 354840]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-10-01 268824]
R2 MyWebSearchService;My Web Search Service; C:\PROGRA~2\MYWEBS~1\bar\1.bin\mwssvc.exe [2010-06-23 28762]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-09-25 62720]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-06-18 144640]
R2 OpLclSrv;OKI Local Port Manager; C:\Program Files\Okidata\Common\Extend3\portmgrsrv.exe [2011-04-11 169472]
R2 PCSUService;PC Speed Up Service; C:\Program Files (x86)\PC Speed Up\PCSUService.exe [2014-11-27 437704]
R2 RapportMgmtService;Rapport Management Service; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2015-03-11 1943832]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2014-10-26 39568]
R2 RealPlayer Cloud Service;RealPlayer Cloud Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [2014-11-27 1141848]
R2 RealPlayerUpdateSvc;RealPlayer Update Service; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [2014-10-30 31856]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-02-25 249648]
R2 sprtsvc_O2;SupportSoft Sprocket Service (O2); C:\Program Files (x86)\O2\bin\sprtsvc.exe [2009-03-04 202016]
R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S2 SupportSoft RemoteAssist;SupportSoft RemoteAssist; C:\Program Files (x86)\Common Files\supportsoft\bin\ssrc.exe [2010-09-24 329080]
S2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2320920]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-19 268464]
S3 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24 107912]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-25 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-03-13 114688]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-10-15 643880]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-03-26 148080]
S3 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-09-11 305448]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-06-18 50432]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S3 TurboBoost;TurboBoost; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-11-02 126352]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-28 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Totálně zasekaný notebook
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119677
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Totálně zasekaný notebook
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Totálně zasekaný notebook
Provedeno
zde přikládám 2 logy
log 1
# AdwCleaner v4.201 - Logfile created 19/04/2015 at 19:52:47
# Updated 08/04/2015 by Xplode
# Database : 2015-04-08.1 [Local]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Schwarzerovi - SCHWARZEROVI-PC
# Running from : C:\Users\TEMP.Schwarzerovi-PC\Desktop\adwcleaner_4.201.exe
# Option : Scan
***** [ Services ] *****
Service Found : MyWebSearchService
Service Found : pcsuservice
***** [ Files / Folders ] *****
File Found : C:\Users\Public\Desktop\driverscanner.lnk
File Found : C:\Users\Public\Desktop\eBay.lnk
File Found : C:\Windows\SysWOW64\f3PSSavr.scr
Folder Found : C:\Program Files (x86)\Ask.com
Folder Found : C:\Program Files (x86)\Auto Updater
Folder Found : C:\Program Files (x86)\clickpotatolite
Folder Found : C:\Program Files (x86)\Conduit
Folder Found : C:\Program Files (x86)\FunWebProducts
Folder Found : C:\Program Files (x86)\MyWebSearch
Folder Found : C:\Program Files (x86)\pc speed up
Folder Found : C:\Program Files (x86)\SporTV
Folder Found : C:\Program Files (x86)\Surf Canyon
Folder Found : C:\Program Files (x86)\Uniblue
Folder Found : C:\Program Files (x86)\Vuze_Remote
Folder Found : C:\Program Files (x86)\Vuze_Remote
Folder Found : C:\ProgramData\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
Folder Found : C:\ProgramData\apn
Folder Found : C:\ProgramData\Ask
Folder Found : C:\ProgramData\Auto Updater
Folder Found : C:\ProgramData\ClickPotatoLiteSA
Folder Found : C:\ProgramData\FileCure
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\clickpotato
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\pc speed up
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
Folder Found : C:\ProgramData\Partner
Folder Found : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
***** [ Scheduled tasks ] *****
Task Found : dsmonitor
Task Found : PC SpeedUp Service Deactivator
Task Found : Scheduled Update for Ask Toolbar
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5AB7104A-B71F-49AD-9154-F7F8806AE848}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A298ED31-D405-40E2-880F-B7511948E582}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5AB7104A-B71F-49AD-9154-F7F8806AE848}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A298ED31-D405-40E2-880F-B7511948E582}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\
Key Found : HKLM\SOFTWARE\AskToolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\
Key Found : HKLM\SOFTWARE\Classes\AppID\
Key Found : HKLM\SOFTWARE\Classes\AppID\
Key Found : HKLM\SOFTWARE\Classes\AppID\
Key Found : HKLM\SOFTWARE\Classes\AppID\
Key Found : HKLM\SOFTWARE\Classes\AppID\
Key Found : HKLM\SOFTWARE\Classes\AppID\{11C27351-716B-4052-9361-E3B0A3F8221C}
Key Found : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Found : HKLM\SOFTWARE\Classes\AppID\{A3514F71-E63F-440B-8076-14226E21B2BF}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D2083641-E57F-4EAB-BB85-0582424F4A29}
Key Found : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\MenuButtonIE.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\surfcanyon.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\
Key Found : HKLM\SOFTWARE\Classes\CLSID\
Key Found : HKLM\SOFTWARE\Classes\CLSID\
Key Found : HKLM\SOFTWARE\Classes\CLSID\
Key Found : HKLM\SOFTWARE\Classes\CLSID\
Key Found : HKLM\SOFTWARE\Classes\CLSID\
Key Found : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{03FB8BCA-9FD1-4E20-9914-B8C9FAF25A4F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{2C503AED-FE31-400A-AA17-63C4295109D6}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5AB7104A-B71F-49AD-9154-F7F8806AE848}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{799391D3-EB86-4BAC-9BD3-CBFEA58A0E15}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A298ED31-D405-40E2-880F-B7511948E582}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B89F5C49-51DB-4974-AB5A-E25901AA339C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D858DAFC-9573-4811-B323-7011A3AA7E61}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E9B5B0D2-D08A-49FC-8B5C-159B60BAA268}
Key Found : HKLM\SOFTWARE\Classes\driverscanner
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Found : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\SOFTWARE\Classes\Interface\
Key Found : HKLM\SOFTWARE\Classes\Interface\
Key Found : HKLM\SOFTWARE\Classes\Interface\
Key Found : HKLM\SOFTWARE\Classes\Interface\
Key Found : HKLM\SOFTWARE\Classes\Interface\
Key Found : HKLM\SOFTWARE\Classes\Interface\
Key Found : HKLM\SOFTWARE\Classes\Interface\{68AD96A1-2A28-4841-ABD0-F5AA45F008C9}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : HKLM\SOFTWARE\Classes\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}
Key Found : HKLM\SOFTWARE\Classes\MenuButtonIE.ButtonIE
Key Found : HKLM\SOFTWARE\Classes\MenuButtonIE.ButtonIE.1
Key Found : HKLM\SOFTWARE\Classes\MyWebSearch.MultipleButton
Key Found : HKLM\SOFTWARE\Classes\MyWebSearch.MultipleButton.1
Key Found : HKLM\SOFTWARE\Classes\MyWebSearch.UrlAlertButton
Key Found : HKLM\SOFTWARE\Classes\MyWebSearch.UrlAlertButton.1
Key Found : HKLM\SOFTWARE\Classes\PCSU.Registry
Key Found : HKLM\SOFTWARE\Classes\PCSU.Registry.1
Key Found : HKLM\SOFTWARE\Classes\PCSU.SysUtils
Key Found : HKLM\SOFTWARE\Classes\PCSU.SysUtils.1
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Found : HKLM\SOFTWARE\Classes\surfcanyon.BhoSite
Key Found : HKLM\SOFTWARE\Classes\surfcanyon.BhoSite.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2442061
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2504091
Key Found : HKLM\SOFTWARE\Classes\TypeLib\
Key Found : HKLM\SOFTWARE\Classes\TypeLib\
Key Found : HKLM\SOFTWARE\Classes\TypeLib\
Key Found : HKLM\SOFTWARE\Classes\TypeLib\
Key Found : HKLM\SOFTWARE\Classes\TypeLib\
Key Found : HKLM\SOFTWARE\Classes\TypeLib\
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{BA3105E9-5DE6-4A1E-A819-6F5046AB67F5}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C55CA95C-324B-451C-B2D2-6E895AA75FEC}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}
Key Found : HKLM\SOFTWARE\ClickPotatoLite
Key Found : HKLM\SOFTWARE\Conduit
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\bcjagnifjocnddgeknajocbkkhlgibem
Key Found : HKLM\SOFTWARE\InstallIQ
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45DD-9B68-D6A12C30E5D7}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48DD-9B6D-7A13A3E42127}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40FD-8DAE-FF14757F60C7}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Found : HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5AB7104A-B71F-49AD-9154-F7F8806AE848}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A298ED31-D405-40E2-880F-B7511948E582}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{03FB8BCA-9FD1-4E20-9914-B8C9FAF25A4F}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1602F07D-8BF3-4C08-BDD6-DDDB1C48AEDC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2C503AED-FE31-400A-AA17-63C4295109D6}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{69725738-CD68-4F36-8D02-8C43722EE5DA}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473D294-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AC6D819E-AA8F-4418-A3BB-D165C1B18BB5}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E79DFBCA-5697-4FBD-94E5-5B2A9C7C1612}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AutoUpdater_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SporTV Toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Surf Canyon
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vuze_Remote Toolbar
Key Found : HKLM\SOFTWARE\MozillaPlugins\@mywebsearch.com/Plugin
Key Found : HKLM\SOFTWARE\Speedchecker Limited
Key Found : HKLM\SOFTWARE\SporTV
Key Found : HKLM\SOFTWARE\Uniblue
Key Found : HKLM\SOFTWARE\Uniblue\DriverScanner
Key Found : HKLM\SOFTWARE\Vuze_Remote
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{68AD96A1-2A28-4841-ABD0-F5AA45F008C9}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PCSU-SL_is1
Key Found : [x64] HKLM\SOFTWARE\Speedchecker Limited
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{A298ED31-D405-40E2-880F-B7511948E582}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{A298ED31-D405-40E2-880F-B7511948E582}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows Media\Wmsdk\Sources [F3PopularScreenSavers]
***** [ Web browsers ] *****
-\\ Internet Explorer v11.0.9600.17728
-\\ Google Chrome v41.0.2272.118
*************************
AdwCleaner[R0].txt - [339 bytes] - [19/04/2015 18:39:00]
AdwCleaner[R1].txt - [20352 bytes] - [19/04/2015 19:52:47]
########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [20412 bytes] ##########
log 2
# AdwCleaner v4.201 - Logfile created 19/04/2015 at 19:54:18
# Updated 08/04/2015 by Xplode
# Database : 2015-04-08.1 [Local]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Schwarzerovi - SCHWARZEROVI-PC
# Running from : C:\Users\TEMP.Schwarzerovi-PC\Desktop\adwcleaner_4.201.exe
# Option : Cleaning
***** [ Services ] *****
[#] Service Deleted : MyWebSearchService
[#] Service Deleted : pcsuservice
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\Auto Updater
Folder Deleted : C:\ProgramData\ClickPotatoLiteSA
Folder Deleted : C:\ProgramData\FileCure
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\clickpotato
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\pc speed up
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
Folder Deleted : C:\Program Files (x86)\Ask.com
Folder Deleted : C:\Program Files (x86)\Auto Updater
Folder Deleted : C:\Program Files (x86)\clickpotatolite
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\FunWebProducts
Folder Deleted : C:\Program Files (x86)\MyWebSearch
Folder Deleted : C:\Program Files (x86)\pc speed up
Folder Deleted : C:\Program Files (x86)\Surf Canyon
Folder Deleted : C:\Program Files (x86)\Uniblue
Folder Deleted : C:\Program Files (x86)\Vuze_Remote
Folder Deleted : C:\Program Files (x86)\SporTV
Folder Deleted : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
File Deleted : C:\Users\Public\Desktop\driverscanner.lnk
File Deleted : C:\Users\Public\Desktop\eBay.lnk
File Deleted : C:\Windows\SysWOW64\f3PSSavr.scr
***** [ Scheduled tasks ] *****
Task Deleted : dsmonitor
Task Deleted : PC SpeedUp Service Deactivator
Task Deleted : Scheduled Update for Ask Toolbar
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bcjagnifjocnddgeknajocbkkhlgibem
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\MenuButtonIE.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\surfcanyon.DLL
Key Deleted : HKLM\SOFTWARE\Classes\driverscanner
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\MenuButtonIE.ButtonIE
Key Deleted : HKLM\SOFTWARE\Classes\MenuButtonIE.ButtonIE.1
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.MultipleButton
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.MultipleButton.1
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.UrlAlertButton
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.UrlAlertButton.1
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\surfcanyon.BhoSite
Key Deleted : HKLM\SOFTWARE\Classes\surfcanyon.BhoSite.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll
Key Deleted : HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows Media\Wmsdk\Sources [F3PopularScreenSavers]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@mywebsearch.com/Plugin
Key Deleted : HKLM\SOFTWARE\Classes\PCSU.Registry
Key Deleted : HKLM\SOFTWARE\Classes\PCSU.SysUtils
Key Deleted : HKLM\SOFTWARE\Classes\PCSU.SysUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\PCSU.Registry.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2442061
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2504091
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{11C27351-716B-4052-9361-E3B0A3F8221C}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{A3514F71-E63F-440B-8076-14226E21B2BF}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D2083641-E57F-4EAB-BB85-0582424F4A29}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\
Key Deleted : HKLM\SOFTWARE\Classes\AppID\
Key Deleted : HKLM\SOFTWARE\Classes\AppID\
Key Deleted : HKLM\SOFTWARE\Classes\AppID\
Key Deleted : HKLM\SOFTWARE\Classes\AppID\
Key Deleted : HKLM\SOFTWARE\Classes\AppID\
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5AB7104A-B71F-49AD-9154-F7F8806AE848}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{799391D3-EB86-4BAC-9BD3-CBFEA58A0E15}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B89F5C49-51DB-4974-AB5A-E25901AA339C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D858DAFC-9573-4811-B323-7011A3AA7E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E9B5B0D2-D08A-49FC-8B5C-159B60BAA268}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A298ED31-D405-40E2-880F-B7511948E582}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03FB8BCA-9FD1-4E20-9914-B8C9FAF25A4F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2C503AED-FE31-400A-AA17-63C4295109D6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{68AD96A1-2A28-4841-ABD0-F5AA45F008C9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\
Key Deleted : HKLM\SOFTWARE\Classes\Interface\
Key Deleted : HKLM\SOFTWARE\Classes\Interface\
Key Deleted : HKLM\SOFTWARE\Classes\Interface\
Key Deleted : HKLM\SOFTWARE\Classes\Interface\
Key Deleted : HKLM\SOFTWARE\Classes\Interface\
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{BA3105E9-5DE6-4A1E-A819-6F5046AB67F5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C55CA95C-324B-451C-B2D2-6E895AA75FEC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5AB7104A-B71F-49AD-9154-F7F8806AE848}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5AB7104A-B71F-49AD-9154-F7F8806AE848}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5AB7104A-B71F-49AD-9154-F7F8806AE848}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1602F07D-8BF3-4C08-BDD6-DDDB1C48AEDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{69725738-CD68-4F36-8D02-8C43722EE5DA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473D294-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AC6D819E-AA8F-4418-A3BB-D165C1B18BB5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E79DFBCA-5697-4FBD-94E5-5B2A9C7C1612}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45DD-9B68-D6A12C30E5D7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48DD-9B6D-7A13A3E42127}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40FD-8DAE-FF14757F60C7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{A298ED31-D405-40E2-880F-B7511948E582}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{A298ED31-D405-40E2-880F-B7511948E582}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{68AD96A1-2A28-4841-ABD0-F5AA45F008C9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Deleted : HKLM\SOFTWARE\AskToolbar
Key Deleted : HKLM\SOFTWARE\ClickPotatoLite
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\InstallIQ
Key Deleted : HKLM\SOFTWARE\Speedchecker Limited
Key Deleted : HKLM\SOFTWARE\Uniblue
Key Deleted : HKLM\SOFTWARE\SporTV
Key Deleted : HKLM\SOFTWARE\Vuze_Remote
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AutoUpdater_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Surf Canyon
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SporTV Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vuze_Remote Toolbar
Key Deleted : [x64] HKLM\SOFTWARE\Speedchecker Limited
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PCSU-SL_is1
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
***** [ Web browsers ] *****
-\\ Internet Explorer v11.0.9600.17728
-\\ Google Chrome v41.0.2272.118
*************************
AdwCleaner[R0].txt - [339 bytes] - [19/04/2015 18:39:00]
AdwCleaner[R1].txt - [20704 bytes] - [19/04/2015 19:52:47]
AdwCleaner[S0].txt - [16801 bytes] - [19/04/2015 19:54:18]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [16861 bytes] ##########
zde přikládám 2 logy
log 1
# AdwCleaner v4.201 - Logfile created 19/04/2015 at 19:52:47
# Updated 08/04/2015 by Xplode
# Database : 2015-04-08.1 [Local]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Schwarzerovi - SCHWARZEROVI-PC
# Running from : C:\Users\TEMP.Schwarzerovi-PC\Desktop\adwcleaner_4.201.exe
# Option : Scan
***** [ Services ] *****
Service Found : MyWebSearchService
Service Found : pcsuservice
***** [ Files / Folders ] *****
File Found : C:\Users\Public\Desktop\driverscanner.lnk
File Found : C:\Users\Public\Desktop\eBay.lnk
File Found : C:\Windows\SysWOW64\f3PSSavr.scr
Folder Found : C:\Program Files (x86)\Ask.com
Folder Found : C:\Program Files (x86)\Auto Updater
Folder Found : C:\Program Files (x86)\clickpotatolite
Folder Found : C:\Program Files (x86)\Conduit
Folder Found : C:\Program Files (x86)\FunWebProducts
Folder Found : C:\Program Files (x86)\MyWebSearch
Folder Found : C:\Program Files (x86)\pc speed up
Folder Found : C:\Program Files (x86)\SporTV
Folder Found : C:\Program Files (x86)\Surf Canyon
Folder Found : C:\Program Files (x86)\Uniblue
Folder Found : C:\Program Files (x86)\Vuze_Remote
Folder Found : C:\Program Files (x86)\Vuze_Remote
Folder Found : C:\ProgramData\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
Folder Found : C:\ProgramData\apn
Folder Found : C:\ProgramData\Ask
Folder Found : C:\ProgramData\Auto Updater
Folder Found : C:\ProgramData\ClickPotatoLiteSA
Folder Found : C:\ProgramData\FileCure
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\clickpotato
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\pc speed up
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
Folder Found : C:\ProgramData\Partner
Folder Found : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
***** [ Scheduled tasks ] *****
Task Found : dsmonitor
Task Found : PC SpeedUp Service Deactivator
Task Found : Scheduled Update for Ask Toolbar
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5AB7104A-B71F-49AD-9154-F7F8806AE848}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A298ED31-D405-40E2-880F-B7511948E582}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5AB7104A-B71F-49AD-9154-F7F8806AE848}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A298ED31-D405-40E2-880F-B7511948E582}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\
Key Found : HKLM\SOFTWARE\AskToolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\
Key Found : HKLM\SOFTWARE\Classes\AppID\
Key Found : HKLM\SOFTWARE\Classes\AppID\
Key Found : HKLM\SOFTWARE\Classes\AppID\
Key Found : HKLM\SOFTWARE\Classes\AppID\
Key Found : HKLM\SOFTWARE\Classes\AppID\
Key Found : HKLM\SOFTWARE\Classes\AppID\{11C27351-716B-4052-9361-E3B0A3F8221C}
Key Found : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Found : HKLM\SOFTWARE\Classes\AppID\{A3514F71-E63F-440B-8076-14226E21B2BF}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D2083641-E57F-4EAB-BB85-0582424F4A29}
Key Found : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\MenuButtonIE.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\surfcanyon.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\
Key Found : HKLM\SOFTWARE\Classes\CLSID\
Key Found : HKLM\SOFTWARE\Classes\CLSID\
Key Found : HKLM\SOFTWARE\Classes\CLSID\
Key Found : HKLM\SOFTWARE\Classes\CLSID\
Key Found : HKLM\SOFTWARE\Classes\CLSID\
Key Found : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{03FB8BCA-9FD1-4E20-9914-B8C9FAF25A4F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{2C503AED-FE31-400A-AA17-63C4295109D6}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5AB7104A-B71F-49AD-9154-F7F8806AE848}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{799391D3-EB86-4BAC-9BD3-CBFEA58A0E15}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A298ED31-D405-40E2-880F-B7511948E582}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B89F5C49-51DB-4974-AB5A-E25901AA339C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D858DAFC-9573-4811-B323-7011A3AA7E61}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E9B5B0D2-D08A-49FC-8B5C-159B60BAA268}
Key Found : HKLM\SOFTWARE\Classes\driverscanner
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Found : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\SOFTWARE\Classes\Interface\
Key Found : HKLM\SOFTWARE\Classes\Interface\
Key Found : HKLM\SOFTWARE\Classes\Interface\
Key Found : HKLM\SOFTWARE\Classes\Interface\
Key Found : HKLM\SOFTWARE\Classes\Interface\
Key Found : HKLM\SOFTWARE\Classes\Interface\
Key Found : HKLM\SOFTWARE\Classes\Interface\{68AD96A1-2A28-4841-ABD0-F5AA45F008C9}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : HKLM\SOFTWARE\Classes\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}
Key Found : HKLM\SOFTWARE\Classes\MenuButtonIE.ButtonIE
Key Found : HKLM\SOFTWARE\Classes\MenuButtonIE.ButtonIE.1
Key Found : HKLM\SOFTWARE\Classes\MyWebSearch.MultipleButton
Key Found : HKLM\SOFTWARE\Classes\MyWebSearch.MultipleButton.1
Key Found : HKLM\SOFTWARE\Classes\MyWebSearch.UrlAlertButton
Key Found : HKLM\SOFTWARE\Classes\MyWebSearch.UrlAlertButton.1
Key Found : HKLM\SOFTWARE\Classes\PCSU.Registry
Key Found : HKLM\SOFTWARE\Classes\PCSU.Registry.1
Key Found : HKLM\SOFTWARE\Classes\PCSU.SysUtils
Key Found : HKLM\SOFTWARE\Classes\PCSU.SysUtils.1
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Found : HKLM\SOFTWARE\Classes\surfcanyon.BhoSite
Key Found : HKLM\SOFTWARE\Classes\surfcanyon.BhoSite.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2442061
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2504091
Key Found : HKLM\SOFTWARE\Classes\TypeLib\
Key Found : HKLM\SOFTWARE\Classes\TypeLib\
Key Found : HKLM\SOFTWARE\Classes\TypeLib\
Key Found : HKLM\SOFTWARE\Classes\TypeLib\
Key Found : HKLM\SOFTWARE\Classes\TypeLib\
Key Found : HKLM\SOFTWARE\Classes\TypeLib\
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{BA3105E9-5DE6-4A1E-A819-6F5046AB67F5}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C55CA95C-324B-451C-B2D2-6E895AA75FEC}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}
Key Found : HKLM\SOFTWARE\ClickPotatoLite
Key Found : HKLM\SOFTWARE\Conduit
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\bcjagnifjocnddgeknajocbkkhlgibem
Key Found : HKLM\SOFTWARE\InstallIQ
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45DD-9B68-D6A12C30E5D7}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48DD-9B6D-7A13A3E42127}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40FD-8DAE-FF14757F60C7}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Found : HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5AB7104A-B71F-49AD-9154-F7F8806AE848}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A298ED31-D405-40E2-880F-B7511948E582}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{03FB8BCA-9FD1-4E20-9914-B8C9FAF25A4F}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1602F07D-8BF3-4C08-BDD6-DDDB1C48AEDC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2C503AED-FE31-400A-AA17-63C4295109D6}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{69725738-CD68-4F36-8D02-8C43722EE5DA}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473D294-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AC6D819E-AA8F-4418-A3BB-D165C1B18BB5}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E79DFBCA-5697-4FBD-94E5-5B2A9C7C1612}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AutoUpdater_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SporTV Toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Surf Canyon
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vuze_Remote Toolbar
Key Found : HKLM\SOFTWARE\MozillaPlugins\@mywebsearch.com/Plugin
Key Found : HKLM\SOFTWARE\Speedchecker Limited
Key Found : HKLM\SOFTWARE\SporTV
Key Found : HKLM\SOFTWARE\Uniblue
Key Found : HKLM\SOFTWARE\Uniblue\DriverScanner
Key Found : HKLM\SOFTWARE\Vuze_Remote
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{68AD96A1-2A28-4841-ABD0-F5AA45F008C9}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PCSU-SL_is1
Key Found : [x64] HKLM\SOFTWARE\Speedchecker Limited
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{A298ED31-D405-40E2-880F-B7511948E582}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{A298ED31-D405-40E2-880F-B7511948E582}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows Media\Wmsdk\Sources [F3PopularScreenSavers]
***** [ Web browsers ] *****
-\\ Internet Explorer v11.0.9600.17728
-\\ Google Chrome v41.0.2272.118
*************************
AdwCleaner[R0].txt - [339 bytes] - [19/04/2015 18:39:00]
AdwCleaner[R1].txt - [20352 bytes] - [19/04/2015 19:52:47]
########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [20412 bytes] ##########
log 2
# AdwCleaner v4.201 - Logfile created 19/04/2015 at 19:54:18
# Updated 08/04/2015 by Xplode
# Database : 2015-04-08.1 [Local]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Schwarzerovi - SCHWARZEROVI-PC
# Running from : C:\Users\TEMP.Schwarzerovi-PC\Desktop\adwcleaner_4.201.exe
# Option : Cleaning
***** [ Services ] *****
[#] Service Deleted : MyWebSearchService
[#] Service Deleted : pcsuservice
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\Auto Updater
Folder Deleted : C:\ProgramData\ClickPotatoLiteSA
Folder Deleted : C:\ProgramData\FileCure
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\clickpotato
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\pc speed up
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
Folder Deleted : C:\Program Files (x86)\Ask.com
Folder Deleted : C:\Program Files (x86)\Auto Updater
Folder Deleted : C:\Program Files (x86)\clickpotatolite
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\FunWebProducts
Folder Deleted : C:\Program Files (x86)\MyWebSearch
Folder Deleted : C:\Program Files (x86)\pc speed up
Folder Deleted : C:\Program Files (x86)\Surf Canyon
Folder Deleted : C:\Program Files (x86)\Uniblue
Folder Deleted : C:\Program Files (x86)\Vuze_Remote
Folder Deleted : C:\Program Files (x86)\SporTV
Folder Deleted : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
File Deleted : C:\Users\Public\Desktop\driverscanner.lnk
File Deleted : C:\Users\Public\Desktop\eBay.lnk
File Deleted : C:\Windows\SysWOW64\f3PSSavr.scr
***** [ Scheduled tasks ] *****
Task Deleted : dsmonitor
Task Deleted : PC SpeedUp Service Deactivator
Task Deleted : Scheduled Update for Ask Toolbar
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bcjagnifjocnddgeknajocbkkhlgibem
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\MenuButtonIE.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\surfcanyon.DLL
Key Deleted : HKLM\SOFTWARE\Classes\driverscanner
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\MenuButtonIE.ButtonIE
Key Deleted : HKLM\SOFTWARE\Classes\MenuButtonIE.ButtonIE.1
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.MultipleButton
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.MultipleButton.1
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.UrlAlertButton
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.UrlAlertButton.1
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\surfcanyon.BhoSite
Key Deleted : HKLM\SOFTWARE\Classes\surfcanyon.BhoSite.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll
Key Deleted : HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows Media\Wmsdk\Sources [F3PopularScreenSavers]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@mywebsearch.com/Plugin
Key Deleted : HKLM\SOFTWARE\Classes\PCSU.Registry
Key Deleted : HKLM\SOFTWARE\Classes\PCSU.SysUtils
Key Deleted : HKLM\SOFTWARE\Classes\PCSU.SysUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\PCSU.Registry.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2442061
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2504091
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{11C27351-716B-4052-9361-E3B0A3F8221C}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{A3514F71-E63F-440B-8076-14226E21B2BF}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D2083641-E57F-4EAB-BB85-0582424F4A29}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\
Key Deleted : HKLM\SOFTWARE\Classes\AppID\
Key Deleted : HKLM\SOFTWARE\Classes\AppID\
Key Deleted : HKLM\SOFTWARE\Classes\AppID\
Key Deleted : HKLM\SOFTWARE\Classes\AppID\
Key Deleted : HKLM\SOFTWARE\Classes\AppID\
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5AB7104A-B71F-49AD-9154-F7F8806AE848}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{799391D3-EB86-4BAC-9BD3-CBFEA58A0E15}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B89F5C49-51DB-4974-AB5A-E25901AA339C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D858DAFC-9573-4811-B323-7011A3AA7E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E9B5B0D2-D08A-49FC-8B5C-159B60BAA268}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A298ED31-D405-40E2-880F-B7511948E582}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03FB8BCA-9FD1-4E20-9914-B8C9FAF25A4F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2C503AED-FE31-400A-AA17-63C4295109D6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{68AD96A1-2A28-4841-ABD0-F5AA45F008C9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\
Key Deleted : HKLM\SOFTWARE\Classes\Interface\
Key Deleted : HKLM\SOFTWARE\Classes\Interface\
Key Deleted : HKLM\SOFTWARE\Classes\Interface\
Key Deleted : HKLM\SOFTWARE\Classes\Interface\
Key Deleted : HKLM\SOFTWARE\Classes\Interface\
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{BA3105E9-5DE6-4A1E-A819-6F5046AB67F5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C55CA95C-324B-451C-B2D2-6E895AA75FEC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5AB7104A-B71F-49AD-9154-F7F8806AE848}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5AB7104A-B71F-49AD-9154-F7F8806AE848}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5AB7104A-B71F-49AD-9154-F7F8806AE848}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1602F07D-8BF3-4C08-BDD6-DDDB1C48AEDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{69725738-CD68-4F36-8D02-8C43722EE5DA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473D294-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AC6D819E-AA8F-4418-A3BB-D165C1B18BB5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E79DFBCA-5697-4FBD-94E5-5B2A9C7C1612}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45DD-9B68-D6A12C30E5D7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48DD-9B6D-7A13A3E42127}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40FD-8DAE-FF14757F60C7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{A298ED31-D405-40E2-880F-B7511948E582}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{A298ED31-D405-40E2-880F-B7511948E582}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{68AD96A1-2A28-4841-ABD0-F5AA45F008C9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Deleted : HKLM\SOFTWARE\AskToolbar
Key Deleted : HKLM\SOFTWARE\ClickPotatoLite
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\InstallIQ
Key Deleted : HKLM\SOFTWARE\Speedchecker Limited
Key Deleted : HKLM\SOFTWARE\Uniblue
Key Deleted : HKLM\SOFTWARE\SporTV
Key Deleted : HKLM\SOFTWARE\Vuze_Remote
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AutoUpdater_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Surf Canyon
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SporTV Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vuze_Remote Toolbar
Key Deleted : [x64] HKLM\SOFTWARE\Speedchecker Limited
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PCSU-SL_is1
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
***** [ Web browsers ] *****
-\\ Internet Explorer v11.0.9600.17728
-\\ Google Chrome v41.0.2272.118
*************************
AdwCleaner[R0].txt - [339 bytes] - [19/04/2015 18:39:00]
AdwCleaner[R1].txt - [20704 bytes] - [19/04/2015 19:52:47]
AdwCleaner[S0].txt - [16801 bytes] - [19/04/2015 19:54:18]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [16861 bytes] ##########
Re: Totálně zasekaný notebook
Přikládám nový log
Logfile of random's system information tool 1.10 (written by random/random)
Run by Schwarzerovi at 2015-04-19 20:18:28
WIN_7 Service Pack 1
System drive C: has 24 GB (5%) free of 464 GB
Total RAM: 3957 MB (81% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:18:32, on 19/04/2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)
Boot mode: Normal
Running processes:
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Microsoft\BingBar\BingBar.exe
C:\Program Files (x86)\Microsoft\BingBar\BingApp.exe
C:\Program Files\trend micro\Schwarzerovi.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/v ... .2.5.3.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
--
End of file - 3705 bytes
======Listing Processes======
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\dsmonitor.job - C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\Norton Security Scan for Schwarzerovi.job - C:\PROGRA~2\NORTON~2\Engine\410~1.28\Nss.exe /scan-quick /scheduled
C:\Windows\tasks\PC SpeedUp Service Deactivator.job - C:\Program Files (x86)\PC Speed Up\PCSUSD.exe /dev0 /idle
C:\Windows\tasks\SDMsgUpdate (TE).job - C:\PROGRA~2\SMARTD~1\Messages\SDNotify.exe -PTE -V21000100 -SSDU.ini -A -Mhttp://www.smartdraw.com/msgs/messagecheck.aspx -D0 -T -N -X
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-07 256456]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-02-28 1089288]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-07 194504]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer ePower Management]
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2009-09-30 823840]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AmIcoSinglun64]
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-07-23 323072]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-10-11 60712]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcadeDeluxeAgent]
C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [2009-10-29 419112]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoStartNPSAgent]
C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe [2010-07-04 95576]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avast]
C:\Program Files\AVAST Software\Avast\avastUI.exe [2014-10-02 4085896]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BackupManagerTray]
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2009-09-25 261888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2011-03-21 1230704]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EgisTecLiveUpdate]
C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [2009-08-04 199464]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-05 186904]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-10-15 157480]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
C:\Program Files (x86)\Launch Manager\LManager.exe [2009-11-02 1094736]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2010-11-10 4240760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mwlDaemon]
C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [2009-09-11 349480]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Network Configuration]
C:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe [2011-10-20 723936]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NortonOnlineBackupReminder]
C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe UNATTENDED []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\O2]
C:\Program Files (x86)\O2\bin\sprtcmd.exe [2009-03-04 202016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlayMovie]
C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [2009-11-12 181480]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PLFSetI]
C:\Windows\PLFSetI.exe [2010-01-08 200704]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealDownloader]
C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [2014-10-29 560192]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-10-29 8312352]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmileboxTray]
C:\Users\Schwarzerovi\AppData\Roaming\Smilebox\SmileboxTray.exe [2010-08-10 304448]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-12-10 98304]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Java\jre1.6.0_01\bin\jusched.exe [2007-03-14 83608]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-11-05 39408]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-09-18 1842472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe -osboot []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^MP3 Rocket (Minimized).lnk]
C:\Program Files (x86)\MP3 Rocket\MP3Rocket.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^OKI LPR Utility.lnk]
C:\Program Files\Okidata\OKI LPR Utility\okilpr.exe [2011-10-20 260144]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Printkey2000.lnk]
C:\Program Files (x86)\PrintKey2000\Printkey2000.exe [1999-09-30 869376]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^RealPlayer Cloud Service UI.lnk]
C:\Program Files (x86)\real\realplayer\RPDS\Bin64\rpsystray.exe [2014-11-27 1024608]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Schwarzerovi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
C:\PROGRA~2\MICROS~2\Office12\ONENOTEM.EXE [2009-02-26 97680]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NPSStartup"= []
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-10-02 4085896]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SprtListen]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SprtListenPush]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SupportSoft RemoteAssist]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-04-19 20:06:03 ----D---- C:\Users\TEMP.Schwarzerovi-PC\AppData\Roaming\AVAST Software
2015-04-19 20:05:53 ----D---- C:\Users\TEMP.Schwarzerovi-PC\AppData\Roaming\Macromedia
2015-04-19 20:04:37 ----D---- C:\Users\TEMP.Schwarzerovi-PC\AppData\Roaming\Adobe
2015-04-19 20:03:42 ----D---- C:\Users\TEMP.Schwarzerovi-PC\AppData\Roaming\Identities
2015-04-19 20:03:03 ----SD---- C:\Users\TEMP.Schwarzerovi-PC\AppData\Roaming\Microsoft
2015-04-19 20:03:03 ----D---- C:\Users\TEMP.Schwarzerovi-PC\AppData\Roaming\Trusteer
2015-04-19 20:03:03 ----D---- C:\Users\TEMP.Schwarzerovi-PC\AppData\Roaming\Media Center Programs
2015-04-19 18:38:51 ----D---- C:\AdwCleaner
2015-04-19 13:19:27 ----D---- C:\rsit
2015-04-19 13:19:27 ----D---- C:\Program Files\trend micro
2015-04-19 12:31:19 ----A---- C:\Windows\ntbtlog.txt
2015-04-14 23:31:41 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-04-14 23:31:41 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-04-14 23:31:41 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-04-14 23:31:41 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-04-14 23:31:41 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-04-14 23:31:41 ----A---- C:\Windows\system32\wuwebv.dll
2015-04-14 23:31:41 ----A---- C:\Windows\system32\wups2.dll
2015-04-14 23:31:41 ----A---- C:\Windows\system32\wups.dll
2015-04-14 23:31:41 ----A---- C:\Windows\system32\wudriver.dll
2015-04-14 23:31:41 ----A---- C:\Windows\system32\wucltux.dll
2015-04-14 23:31:41 ----A---- C:\Windows\system32\wuaueng.dll
2015-04-14 23:31:41 ----A---- C:\Windows\system32\wuauclt.exe
2015-04-14 23:31:41 ----A---- C:\Windows\system32\wuapp.exe
2015-04-14 23:31:41 ----A---- C:\Windows\system32\wuapi.dll
2015-04-14 23:31:41 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-04-14 23:31:41 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-04-14 23:31:34 ----A---- C:\Windows\system32\invagent.dll
2015-04-14 23:31:34 ----A---- C:\Windows\system32\generaltel.dll
2015-04-14 23:31:34 ----A---- C:\Windows\system32\devinv.dll
2015-04-14 23:31:34 ----A---- C:\Windows\system32\appraiser.dll
2015-04-14 23:31:34 ----A---- C:\Windows\system32\aeinv.dll
2015-04-14 23:31:34 ----A---- C:\Windows\system32\acmigration.dll
2015-04-14 23:31:33 ----A---- C:\Windows\system32\aepic.dll
2015-04-14 23:31:33 ----A---- C:\Windows\system32\aepdu.dll
2015-04-14 23:31:32 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2015-04-14 23:31:32 ----A---- C:\Windows\system32\gdi32.dll
2015-04-14 23:31:31 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-04-14 23:31:31 ----A---- C:\Windows\system32\msxml3.dll
2015-04-14 23:31:30 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-04-14 23:31:30 ----A---- C:\Windows\system32\msxml3r.dll
2015-04-14 23:30:34 ----A---- C:\Windows\system32\drivers\http.sys
2015-04-14 23:30:28 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-04-14 23:30:28 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-04-14 23:30:28 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-04-14 23:30:28 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-04-14 23:30:28 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-04-14 23:30:27 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-04-14 23:30:26 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-04-14 23:30:26 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-04-14 23:30:26 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-04-14 23:30:26 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-04-14 23:30:26 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-04-14 23:30:26 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-04-14 23:30:26 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-14 23:30:26 ----A---- C:\Windows\system32\iernonce.dll
2015-04-14 23:30:26 ----A---- C:\Windows\system32\ie4uinit.exe
2015-04-14 23:30:25 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-04-14 23:30:25 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-04-14 23:30:25 ----A---- C:\Windows\system32\iedkcs32.dll
2015-04-14 23:30:24 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-04-14 23:30:24 ----A---- C:\Windows\system32\urlmon.dll
2015-04-14 23:30:23 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-04-14 23:30:23 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-04-14 23:30:23 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-04-14 23:30:23 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-04-14 23:30:22 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-14 23:30:21 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-04-14 23:30:21 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-04-14 23:30:21 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-04-14 23:30:21 ----A---- C:\Windows\system32\msfeeds.dll
2015-04-14 23:30:21 ----A---- C:\Windows\system32\dxtrans.dll
2015-04-14 23:30:20 ----A---- C:\Windows\system32\iesetup.dll
2015-04-14 23:30:20 ----A---- C:\Windows\system32\ieapfltr.dll
2015-04-14 23:30:19 ----A---- C:\Windows\system32\iertutil.dll
2015-04-14 23:30:18 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-04-14 23:30:18 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-04-14 23:30:18 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-04-14 23:30:17 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-04-14 23:30:17 ----A---- C:\Windows\system32\jsproxy.dll
2015-04-14 23:30:17 ----A---- C:\Windows\system32\ieUnatt.exe
2015-04-14 23:30:16 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-04-14 23:30:15 ----A---- C:\Windows\system32\mshtmled.dll
2015-04-14 23:30:15 ----A---- C:\Windows\system32\ieui.dll
2015-04-14 23:30:15 ----A---- C:\Windows\system32\ieframe.dll
2015-04-14 23:30:15 ----A---- C:\Windows\system32\dxtmsft.dll
2015-04-14 23:30:14 ----A---- C:\Windows\system32\wininet.dll
2015-04-14 23:30:14 ----A---- C:\Windows\system32\vbscript.dll
2015-04-14 23:30:14 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-04-14 23:30:14 ----A---- C:\Windows\system32\jscript9diag.dll
2015-04-14 23:30:14 ----A---- C:\Windows\system32\jscript9.dll
2015-04-14 23:30:13 ----A---- C:\Windows\system32\msrating.dll
2015-04-14 23:30:13 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-04-14 23:30:12 ----A---- C:\Windows\system32\mshtml.dll
2015-04-14 23:29:36 ----A---- C:\Windows\SYSWOW64\clfsw32.dll
2015-04-14 23:29:36 ----A---- C:\Windows\system32\clfsw32.dll
2015-04-14 23:29:36 ----A---- C:\Windows\system32\clfs.sys
2015-04-14 00:03:48 ----D---- C:\AVAST Software
2015-04-10 16:50:35 ----SD---- C:\Windows\SYSWOW64\GWX
2015-04-10 16:50:34 ----SD---- C:\Windows\system32\GWX
======List of files/folders modified in the last 1 month======
2015-04-19 20:03:01 ----RD---- C:\Users
2015-04-19 19:54:23 ----D---- C:\Windows\system32\Tasks
2015-04-19 19:54:22 ----RD---- C:\Program Files (x86)
2015-04-19 19:54:22 ----D---- C:\Windows\SysWOW64
2015-04-19 19:54:19 ----HD---- C:\ProgramData
2015-04-19 19:35:11 ----D---- C:\Windows\Temp
2015-04-19 13:51:14 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-04-19 13:19:27 ----D---- C:\Program Files
2015-04-19 13:13:13 ----D---- C:\Windows\system32\config
2015-04-19 13:05:08 ----SHD---- C:\System Volume Information
2015-04-19 12:38:49 ----D---- C:\Windows\winsxs
2015-04-19 12:38:34 ----A---- C:\Windows\SYSWOW64\log.txt
2015-04-19 12:33:05 ----AD---- C:\Windows
2015-04-19 12:31:39 ----D---- C:\Windows\SYSWOW64\en-US
2015-04-19 12:31:39 ----D---- C:\Windows\PolicyDefinitions
2015-04-19 12:31:38 ----D---- C:\Windows\system32\en-US
2015-04-19 12:31:38 ----D---- C:\Windows\System32
2015-04-19 12:31:37 ----SD---- C:\Windows\system32\CompatTel
2015-04-19 12:31:37 ----D---- C:\Windows\system32\appraiser
2015-04-19 12:31:36 ----D---- C:\Windows\AppPatch
2015-04-19 12:31:34 ----D---- C:\Windows\system32\drivers
2015-04-19 12:31:34 ----D---- C:\Program Files\Internet Explorer
2015-04-19 12:31:26 ----D---- C:\Program Files (x86)\Internet Explorer
2015-04-19 12:21:29 ----SHD---- C:\Windows\Installer
2015-04-19 12:21:28 ----SHD---- C:\Config.Msi
2015-04-19 12:09:44 ----D---- C:\Windows\Microsoft.NET
2015-04-17 07:57:24 ----D---- C:\ProgramData\Microsoft Help
2015-04-16 18:45:01 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-04-16 18:44:55 ----D---- C:\Windows\inf
2015-04-16 18:43:42 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-04-16 17:17:36 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-04-16 17:17:22 ----D---- C:\ProgramData\Skype
2015-04-16 17:11:13 ----RD---- C:\Program Files (x86)\Skype
2015-04-16 16:36:42 ----D---- C:\Windows\system32\MRT
2015-04-15 21:03:42 ----D---- C:\Windows\debug
2015-04-15 21:01:49 ----A---- C:\Windows\system32\MRT.exe
2015-04-14 23:47:06 ----D---- C:\Windows\Minidump
2015-04-14 23:47:06 ----D---- C:\Windows\Logs
2015-04-14 23:25:56 ----D---- C:\Windows\system32\catroot2
2015-04-13 21:01:00 ----D---- C:\Windows\pss
2015-04-13 20:41:16 ----D---- C:\Windows\Prefetch
2015-03-26 20:58:11 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-26 20:56:57 ----D---- C:\Windows\system32\wbem
2015-03-26 20:56:07 ----D---- C:\ProgramData\GameXN
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-10-02 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-10-02 224896]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-05 408600]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-10-02 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-11-22 1041168]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-10-02 427360]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2014-12-14 487216]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-03 22576]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-03 20016]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-03 60464]
R1 RapportCerberus_80128;RapportCerberus_80128; \??\C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_80128.sys [2015-03-05 844440]
R1 RapportEI64;RapportEI64; \??\C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [2015-03-11 445816]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-10-02 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-10-02 79184]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-10-02 92008]
R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys [2009-11-02 13784]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-08-13 1209856]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-11-06 1550848]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-12-10 6179328]
R3 DKbFltr;Dritek Keyboard Filter Driver (64-bit); C:\Windows\SysWOW64\Drivers\DKbFltr.sys [2009-03-26 25608]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2009-10-26 151936]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-10-28 2018080]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2009-08-06 320040]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2009-05-06 18432]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2009-06-25 205472]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-09-18 292912]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2009-05-06 16896]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-07-23 40448]
S3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2009-06-10 1311232]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20); C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-06-20 54272]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2007-09-17 29184]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RapportKE64;RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [2015-03-11 535576]
S3 RapportPG64;RapportPG64; \??\C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [2015-03-11 558872]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2010-04-27 127488]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2010-04-27 18944]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2010-04-27 161280]
S3 TFsExDisk;TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys [2010-06-14 16448]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 usb_rndisx;USB RNDIS Adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2014-08-16 54784]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-10-02 50344]
S3 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-09-11 305448]
S4 ADExchange;ArcSoft Exchange Service; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [2013-10-24 44736]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-19 268464]
S4 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agr64svc.exe [2009-03-28 16896]
S4 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-12-10 202752]
S4 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-10-07 60744]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
S4 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
S4 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
S4 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
S4 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S4 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S4 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2009-09-30 844320]
S4 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S4 Greg_Service;GRegService; C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496]
S4 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24 107912]
S4 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24 107912]
S4 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-25 194032]
S4 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-05 354840]
S4 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-03-13 114688]
S4 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-10-15 643880]
S4 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-10-01 268824]
S4 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-03-26 148080]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-09-25 62720]
S4 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-06-18 50432]
S4 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-06-18 144640]
S4 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S4 OpLclSrv;OKI Local Port Manager; C:\Program Files\Okidata\Common\Extend3\portmgrsrv.exe [2011-04-11 169472]
S4 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 RapportMgmtService;Rapport Management Service; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2015-03-11 1943832]
S4 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2014-10-26 39568]
S4 RealPlayer Cloud Service;RealPlayer Cloud Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [2014-11-27 1141848]
S4 RealPlayerUpdateSvc;RealPlayer Update Service; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [2014-10-30 31856]
S4 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-02-25 249648]
S4 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S4 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S4 sprtsvc_O2;SupportSoft Sprocket Service (O2); C:\Program Files (x86)\O2\bin\sprtsvc.exe [2009-03-04 202016]
S4 SupportSoft RemoteAssist;SupportSoft RemoteAssist; C:\Program Files (x86)\Common Files\supportsoft\bin\ssrc.exe [2010-09-24 329080]
S4 TurboBoost;TurboBoost; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-11-02 126352]
S4 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2320920]
S4 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]
S4 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-28 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
-----------------EOF-----------------
Logfile of random's system information tool 1.10 (written by random/random)
Run by Schwarzerovi at 2015-04-19 20:18:28
WIN_7 Service Pack 1
System drive C: has 24 GB (5%) free of 464 GB
Total RAM: 3957 MB (81% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:18:32, on 19/04/2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)
Boot mode: Normal
Running processes:
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Microsoft\BingBar\BingBar.exe
C:\Program Files (x86)\Microsoft\BingBar\BingApp.exe
C:\Program Files\trend micro\Schwarzerovi.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/v ... .2.5.3.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
--
End of file - 3705 bytes
======Listing Processes======
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\dsmonitor.job - C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\Norton Security Scan for Schwarzerovi.job - C:\PROGRA~2\NORTON~2\Engine\410~1.28\Nss.exe /scan-quick /scheduled
C:\Windows\tasks\PC SpeedUp Service Deactivator.job - C:\Program Files (x86)\PC Speed Up\PCSUSD.exe /dev0 /idle
C:\Windows\tasks\SDMsgUpdate (TE).job - C:\PROGRA~2\SMARTD~1\Messages\SDNotify.exe -PTE -V21000100 -SSDU.ini -A -Mhttp://www.smartdraw.com/msgs/messagecheck.aspx -D0 -T -N -X
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-07 256456]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-02-28 1089288]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-07 194504]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer ePower Management]
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2009-09-30 823840]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AmIcoSinglun64]
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-07-23 323072]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-10-11 60712]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcadeDeluxeAgent]
C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [2009-10-29 419112]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoStartNPSAgent]
C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe [2010-07-04 95576]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avast]
C:\Program Files\AVAST Software\Avast\avastUI.exe [2014-10-02 4085896]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BackupManagerTray]
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2009-09-25 261888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2011-03-21 1230704]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EgisTecLiveUpdate]
C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [2009-08-04 199464]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-05 186904]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-10-15 157480]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
C:\Program Files (x86)\Launch Manager\LManager.exe [2009-11-02 1094736]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2010-11-10 4240760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mwlDaemon]
C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [2009-09-11 349480]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Network Configuration]
C:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe [2011-10-20 723936]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NortonOnlineBackupReminder]
C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe UNATTENDED []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\O2]
C:\Program Files (x86)\O2\bin\sprtcmd.exe [2009-03-04 202016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlayMovie]
C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [2009-11-12 181480]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PLFSetI]
C:\Windows\PLFSetI.exe [2010-01-08 200704]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealDownloader]
C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [2014-10-29 560192]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-10-29 8312352]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmileboxTray]
C:\Users\Schwarzerovi\AppData\Roaming\Smilebox\SmileboxTray.exe [2010-08-10 304448]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-12-10 98304]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Java\jre1.6.0_01\bin\jusched.exe [2007-03-14 83608]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-11-05 39408]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-09-18 1842472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe -osboot []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^MP3 Rocket (Minimized).lnk]
C:\Program Files (x86)\MP3 Rocket\MP3Rocket.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^OKI LPR Utility.lnk]
C:\Program Files\Okidata\OKI LPR Utility\okilpr.exe [2011-10-20 260144]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Printkey2000.lnk]
C:\Program Files (x86)\PrintKey2000\Printkey2000.exe [1999-09-30 869376]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^RealPlayer Cloud Service UI.lnk]
C:\Program Files (x86)\real\realplayer\RPDS\Bin64\rpsystray.exe [2014-11-27 1024608]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Schwarzerovi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
C:\PROGRA~2\MICROS~2\Office12\ONENOTEM.EXE [2009-02-26 97680]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NPSStartup"= []
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-10-02 4085896]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SprtListen]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SprtListenPush]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SupportSoft RemoteAssist]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-04-19 20:06:03 ----D---- C:\Users\TEMP.Schwarzerovi-PC\AppData\Roaming\AVAST Software
2015-04-19 20:05:53 ----D---- C:\Users\TEMP.Schwarzerovi-PC\AppData\Roaming\Macromedia
2015-04-19 20:04:37 ----D---- C:\Users\TEMP.Schwarzerovi-PC\AppData\Roaming\Adobe
2015-04-19 20:03:42 ----D---- C:\Users\TEMP.Schwarzerovi-PC\AppData\Roaming\Identities
2015-04-19 20:03:03 ----SD---- C:\Users\TEMP.Schwarzerovi-PC\AppData\Roaming\Microsoft
2015-04-19 20:03:03 ----D---- C:\Users\TEMP.Schwarzerovi-PC\AppData\Roaming\Trusteer
2015-04-19 20:03:03 ----D---- C:\Users\TEMP.Schwarzerovi-PC\AppData\Roaming\Media Center Programs
2015-04-19 18:38:51 ----D---- C:\AdwCleaner
2015-04-19 13:19:27 ----D---- C:\rsit
2015-04-19 13:19:27 ----D---- C:\Program Files\trend micro
2015-04-19 12:31:19 ----A---- C:\Windows\ntbtlog.txt
2015-04-14 23:31:41 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-04-14 23:31:41 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-04-14 23:31:41 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-04-14 23:31:41 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-04-14 23:31:41 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-04-14 23:31:41 ----A---- C:\Windows\system32\wuwebv.dll
2015-04-14 23:31:41 ----A---- C:\Windows\system32\wups2.dll
2015-04-14 23:31:41 ----A---- C:\Windows\system32\wups.dll
2015-04-14 23:31:41 ----A---- C:\Windows\system32\wudriver.dll
2015-04-14 23:31:41 ----A---- C:\Windows\system32\wucltux.dll
2015-04-14 23:31:41 ----A---- C:\Windows\system32\wuaueng.dll
2015-04-14 23:31:41 ----A---- C:\Windows\system32\wuauclt.exe
2015-04-14 23:31:41 ----A---- C:\Windows\system32\wuapp.exe
2015-04-14 23:31:41 ----A---- C:\Windows\system32\wuapi.dll
2015-04-14 23:31:41 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-04-14 23:31:41 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-04-14 23:31:34 ----A---- C:\Windows\system32\invagent.dll
2015-04-14 23:31:34 ----A---- C:\Windows\system32\generaltel.dll
2015-04-14 23:31:34 ----A---- C:\Windows\system32\devinv.dll
2015-04-14 23:31:34 ----A---- C:\Windows\system32\appraiser.dll
2015-04-14 23:31:34 ----A---- C:\Windows\system32\aeinv.dll
2015-04-14 23:31:34 ----A---- C:\Windows\system32\acmigration.dll
2015-04-14 23:31:33 ----A---- C:\Windows\system32\aepic.dll
2015-04-14 23:31:33 ----A---- C:\Windows\system32\aepdu.dll
2015-04-14 23:31:32 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2015-04-14 23:31:32 ----A---- C:\Windows\system32\gdi32.dll
2015-04-14 23:31:31 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-04-14 23:31:31 ----A---- C:\Windows\system32\msxml3.dll
2015-04-14 23:31:30 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-04-14 23:31:30 ----A---- C:\Windows\system32\msxml3r.dll
2015-04-14 23:30:34 ----A---- C:\Windows\system32\drivers\http.sys
2015-04-14 23:30:28 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-04-14 23:30:28 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-04-14 23:30:28 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-04-14 23:30:28 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-04-14 23:30:28 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-04-14 23:30:27 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-04-14 23:30:26 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-04-14 23:30:26 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-04-14 23:30:26 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-04-14 23:30:26 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-04-14 23:30:26 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-04-14 23:30:26 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-04-14 23:30:26 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-14 23:30:26 ----A---- C:\Windows\system32\iernonce.dll
2015-04-14 23:30:26 ----A---- C:\Windows\system32\ie4uinit.exe
2015-04-14 23:30:25 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-04-14 23:30:25 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-04-14 23:30:25 ----A---- C:\Windows\system32\iedkcs32.dll
2015-04-14 23:30:24 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-04-14 23:30:24 ----A---- C:\Windows\system32\urlmon.dll
2015-04-14 23:30:23 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-04-14 23:30:23 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-04-14 23:30:23 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-04-14 23:30:23 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-04-14 23:30:22 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-14 23:30:21 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-04-14 23:30:21 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-04-14 23:30:21 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-04-14 23:30:21 ----A---- C:\Windows\system32\msfeeds.dll
2015-04-14 23:30:21 ----A---- C:\Windows\system32\dxtrans.dll
2015-04-14 23:30:20 ----A---- C:\Windows\system32\iesetup.dll
2015-04-14 23:30:20 ----A---- C:\Windows\system32\ieapfltr.dll
2015-04-14 23:30:19 ----A---- C:\Windows\system32\iertutil.dll
2015-04-14 23:30:18 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-04-14 23:30:18 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-04-14 23:30:18 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-04-14 23:30:17 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-04-14 23:30:17 ----A---- C:\Windows\system32\jsproxy.dll
2015-04-14 23:30:17 ----A---- C:\Windows\system32\ieUnatt.exe
2015-04-14 23:30:16 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-04-14 23:30:15 ----A---- C:\Windows\system32\mshtmled.dll
2015-04-14 23:30:15 ----A---- C:\Windows\system32\ieui.dll
2015-04-14 23:30:15 ----A---- C:\Windows\system32\ieframe.dll
2015-04-14 23:30:15 ----A---- C:\Windows\system32\dxtmsft.dll
2015-04-14 23:30:14 ----A---- C:\Windows\system32\wininet.dll
2015-04-14 23:30:14 ----A---- C:\Windows\system32\vbscript.dll
2015-04-14 23:30:14 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-04-14 23:30:14 ----A---- C:\Windows\system32\jscript9diag.dll
2015-04-14 23:30:14 ----A---- C:\Windows\system32\jscript9.dll
2015-04-14 23:30:13 ----A---- C:\Windows\system32\msrating.dll
2015-04-14 23:30:13 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-04-14 23:30:12 ----A---- C:\Windows\system32\mshtml.dll
2015-04-14 23:29:36 ----A---- C:\Windows\SYSWOW64\clfsw32.dll
2015-04-14 23:29:36 ----A---- C:\Windows\system32\clfsw32.dll
2015-04-14 23:29:36 ----A---- C:\Windows\system32\clfs.sys
2015-04-14 00:03:48 ----D---- C:\AVAST Software
2015-04-10 16:50:35 ----SD---- C:\Windows\SYSWOW64\GWX
2015-04-10 16:50:34 ----SD---- C:\Windows\system32\GWX
======List of files/folders modified in the last 1 month======
2015-04-19 20:03:01 ----RD---- C:\Users
2015-04-19 19:54:23 ----D---- C:\Windows\system32\Tasks
2015-04-19 19:54:22 ----RD---- C:\Program Files (x86)
2015-04-19 19:54:22 ----D---- C:\Windows\SysWOW64
2015-04-19 19:54:19 ----HD---- C:\ProgramData
2015-04-19 19:35:11 ----D---- C:\Windows\Temp
2015-04-19 13:51:14 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-04-19 13:19:27 ----D---- C:\Program Files
2015-04-19 13:13:13 ----D---- C:\Windows\system32\config
2015-04-19 13:05:08 ----SHD---- C:\System Volume Information
2015-04-19 12:38:49 ----D---- C:\Windows\winsxs
2015-04-19 12:38:34 ----A---- C:\Windows\SYSWOW64\log.txt
2015-04-19 12:33:05 ----AD---- C:\Windows
2015-04-19 12:31:39 ----D---- C:\Windows\SYSWOW64\en-US
2015-04-19 12:31:39 ----D---- C:\Windows\PolicyDefinitions
2015-04-19 12:31:38 ----D---- C:\Windows\system32\en-US
2015-04-19 12:31:38 ----D---- C:\Windows\System32
2015-04-19 12:31:37 ----SD---- C:\Windows\system32\CompatTel
2015-04-19 12:31:37 ----D---- C:\Windows\system32\appraiser
2015-04-19 12:31:36 ----D---- C:\Windows\AppPatch
2015-04-19 12:31:34 ----D---- C:\Windows\system32\drivers
2015-04-19 12:31:34 ----D---- C:\Program Files\Internet Explorer
2015-04-19 12:31:26 ----D---- C:\Program Files (x86)\Internet Explorer
2015-04-19 12:21:29 ----SHD---- C:\Windows\Installer
2015-04-19 12:21:28 ----SHD---- C:\Config.Msi
2015-04-19 12:09:44 ----D---- C:\Windows\Microsoft.NET
2015-04-17 07:57:24 ----D---- C:\ProgramData\Microsoft Help
2015-04-16 18:45:01 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-04-16 18:44:55 ----D---- C:\Windows\inf
2015-04-16 18:43:42 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-04-16 17:17:36 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-04-16 17:17:22 ----D---- C:\ProgramData\Skype
2015-04-16 17:11:13 ----RD---- C:\Program Files (x86)\Skype
2015-04-16 16:36:42 ----D---- C:\Windows\system32\MRT
2015-04-15 21:03:42 ----D---- C:\Windows\debug
2015-04-15 21:01:49 ----A---- C:\Windows\system32\MRT.exe
2015-04-14 23:47:06 ----D---- C:\Windows\Minidump
2015-04-14 23:47:06 ----D---- C:\Windows\Logs
2015-04-14 23:25:56 ----D---- C:\Windows\system32\catroot2
2015-04-13 21:01:00 ----D---- C:\Windows\pss
2015-04-13 20:41:16 ----D---- C:\Windows\Prefetch
2015-03-26 20:58:11 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-26 20:56:57 ----D---- C:\Windows\system32\wbem
2015-03-26 20:56:07 ----D---- C:\ProgramData\GameXN
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-10-02 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-10-02 224896]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-05 408600]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-10-02 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-11-22 1041168]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-10-02 427360]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2014-12-14 487216]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-03 22576]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-03 20016]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-03 60464]
R1 RapportCerberus_80128;RapportCerberus_80128; \??\C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_80128.sys [2015-03-05 844440]
R1 RapportEI64;RapportEI64; \??\C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [2015-03-11 445816]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-10-02 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-10-02 79184]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-10-02 92008]
R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys [2009-11-02 13784]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-08-13 1209856]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-11-06 1550848]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-12-10 6179328]
R3 DKbFltr;Dritek Keyboard Filter Driver (64-bit); C:\Windows\SysWOW64\Drivers\DKbFltr.sys [2009-03-26 25608]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2009-10-26 151936]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-10-28 2018080]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2009-08-06 320040]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2009-05-06 18432]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2009-06-25 205472]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-09-18 292912]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2009-05-06 16896]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-07-23 40448]
S3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2009-06-10 1311232]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20); C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-06-20 54272]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2007-09-17 29184]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RapportKE64;RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [2015-03-11 535576]
S3 RapportPG64;RapportPG64; \??\C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [2015-03-11 558872]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2010-04-27 127488]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2010-04-27 18944]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2010-04-27 161280]
S3 TFsExDisk;TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys [2010-06-14 16448]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 usb_rndisx;USB RNDIS Adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2014-08-16 54784]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-10-02 50344]
S3 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-09-11 305448]
S4 ADExchange;ArcSoft Exchange Service; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [2013-10-24 44736]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-19 268464]
S4 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agr64svc.exe [2009-03-28 16896]
S4 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-12-10 202752]
S4 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-10-07 60744]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
S4 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
S4 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
S4 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
S4 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S4 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S4 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2009-09-30 844320]
S4 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S4 Greg_Service;GRegService; C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496]
S4 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24 107912]
S4 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24 107912]
S4 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-25 194032]
S4 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-05 354840]
S4 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-03-13 114688]
S4 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-10-15 643880]
S4 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-10-01 268824]
S4 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-03-26 148080]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-09-25 62720]
S4 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-06-18 50432]
S4 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-06-18 144640]
S4 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S4 OpLclSrv;OKI Local Port Manager; C:\Program Files\Okidata\Common\Extend3\portmgrsrv.exe [2011-04-11 169472]
S4 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 RapportMgmtService;Rapport Management Service; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2015-03-11 1943832]
S4 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2014-10-26 39568]
S4 RealPlayer Cloud Service;RealPlayer Cloud Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [2014-11-27 1141848]
S4 RealPlayerUpdateSvc;RealPlayer Update Service; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [2014-10-30 31856]
S4 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-02-25 249648]
S4 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S4 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S4 sprtsvc_O2;SupportSoft Sprocket Service (O2); C:\Program Files (x86)\O2\bin\sprtsvc.exe [2009-03-04 202016]
S4 SupportSoft RemoteAssist;SupportSoft RemoteAssist; C:\Program Files (x86)\Common Files\supportsoft\bin\ssrc.exe [2010-09-24 329080]
S4 TurboBoost;TurboBoost; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-11-02 126352]
S4 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2320920]
S4 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]
S4 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-28 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119677
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Totálně zasekaný notebook
Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:
a klikněte na >MoveIt!<. Před skenem vypněte antivir a po něm restartujte PC. Dejte nový log RSIT.:files
C:\Program Files (x86)\Microsoft\BingBar
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]/64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
:services
c2cautoupdatesvc
c2cpnrsvc
BBSvc
SeaPort
:commands
[Purity]
[Emptytemp]
[Emptyflash]
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Totálně zasekaný notebook
Pokud jsem to udelal spravne tak by to melo byt provedeno. Prikladam novy log.
Logfile of random's system information tool 1.10 (written by random/random)
Run by Jiri at 2015-05-01 21:37:08
WIN_7 Service Pack 1
System drive C: has 28 GB (6%) free of 464 GB
Total RAM: 3957 MB (66% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:37:12, on 01/05/2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)
Boot mode: Normal
Running processes:
C:\PROGRA~2\SMARTD~1\Messages\SDNotify.exe
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
C:\Windows\PLFSetI.exe
C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
C:\Program Files (x86)\PrintKey2000\Printkey2000.exe
C:\Program Files (x86)\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
C:\Program Files (x86)\O2\bin\sprtcmd.exe
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
C:\Program Files\trend micro\Jiri.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
O4 - HKLM\..\Run: [O2] "C:\Program Files (x86)\O2\bin\sprtcmd.exe" /P O2
O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [EgisTecLiveUpdate] "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - Global Startup: MP3 Rocket (Minimized).lnk = C:\Program Files (x86)\MP3 Rocket\MP3Rocket.exe
O4 - Global Startup: OKI LPR Utility.lnk = C:\Program Files\Okidata\OKI LPR Utility\okilpr.exe
O4 - Global Startup: Printkey2000.lnk = C:\Program Files (x86)\PrintKey2000\Printkey2000.exe
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/v ... .2.5.3.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: ArcSoft Exchange Service (ADExchange) - ArcSoft, Inc. - C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: OKI Local Port Manager (OpLclSrv) - Oki Data Corporation - C:\Program Files\Okidata\Common\Extend3\portmgrsrv.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Rapport Management Service (RapportMgmtService) - IBM Corp. - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
--
End of file - 9941 bytes
======Listing Processes======
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\dsmonitor.job - C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\Norton Security Scan for Schwarzerovi.job - C:\PROGRA~2\NORTON~2\Engine\410~1.28\Nss.exe /scan-quick /scheduled
C:\Windows\tasks\PC SpeedUp Service Deactivator.job - C:\Program Files (x86)\PC Speed Up\PCSUSD.exe /dev0 /idle
C:\Windows\tasks\SDMsgUpdate (TE).job - C:\PROGRA~2\SMARTD~1\Messages\SDNotify.exe -PTE -V21000100 -SSDU.ini -A -Mhttp://www.smartdraw.com/msgs/messagecheck.aspx -D0 -T -N -X
=========Mozilla firefox=========
ProfilePath - C:\Users\Jiri\AppData\Roaming\Mozilla\Firefox\Profiles\gl0wx20e.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.169 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.169 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
C:\Program Files (x86)\Mozilla Firefox\plugins\
nppdf32.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-07 256456]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-02-28 1089288]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-07 194504]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-09-18 1842472]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-10-29 8312352]
"PLFSetI"=C:\Windows\PLFSetI.exe [2010-01-08 200704]
"Network Configuration"=C:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe [2011-10-20 723936]
"mwlDaemon"=C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [2009-09-11 349480]
"IAAnotif"=C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-05 186904]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-07-23 323072]
"Acer ePower Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2009-09-30 823840]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avast]
C:\Program Files\AVAST Software\Avast\avastUI.exe [2014-10-02 4085896]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AvastUI.exe]
C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-10-02 4085896]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NPSStartup"= []
"SunJavaUpdateSched"=C:\Program Files (x86)\Java\jre1.6.0_01\bin\jusched.exe [2007-03-14 83608]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-12-10 98304]
"PlayMovie"=C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [2009-11-12 181480]
"O2"=C:\Program Files (x86)\O2\bin\sprtcmd.exe [2009-03-04 202016]
"NortonOnlineBackupReminder"=C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe UNATTENDED []
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2009-11-02 1094736]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-10-15 157480]
"EgisTecLiveUpdate"=C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [2009-08-04 199464]
"DivXUpdate"=C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2011-03-21 1230704]
"BackupManagerTray"=C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2009-09-25 261888]
"ArcadeDeluxeAgent"=C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [2009-10-29 419112]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-10-11 60712]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe []
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
MP3 Rocket (Minimized).lnk - C:\Program Files (x86)\MP3 Rocket\MP3Rocket.exe
OKI LPR Utility.lnk - C:\Program Files\Okidata\OKI LPR Utility\okilpr.exe
Printkey2000.lnk - C:\Program Files (x86)\PrintKey2000\Printkey2000.exe
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SprtListen]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SprtListenPush]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SupportSoft RemoteAssist]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-05-01 21:37:08 ----D---- C:\rsit
2015-05-01 21:09:39 ----N---- C:\bootsqm.dat
2015-04-24 15:57:56 ----SHD---- C:\found.000
2015-04-24 10:32:47 ----ASH---- C:\pagefile.sys
2015-04-19 22:59:37 ----D---- C:\Users\Jiri\AppData\Roaming\Real
2015-04-19 22:34:30 ----D---- C:\Users\Jiri\AppData\Roaming\Mozilla
2015-04-19 22:33:10 ----D---- C:\Users\Jiri\AppData\Roaming\AVAST Software
2015-04-19 22:32:57 ----D---- C:\Users\Jiri\AppData\Roaming\ATI
2015-04-19 22:32:08 ----D---- C:\Users\Jiri\AppData\Roaming\Apple Computer
2015-04-19 22:31:47 ----D---- C:\Users\Jiri\AppData\Roaming\OkiData
2015-04-19 22:31:47 ----D---- C:\Users\Jiri\AppData\Roaming\Macromedia
2015-04-19 22:30:10 ----D---- C:\Users\Jiri\AppData\Roaming\Adobe
2015-04-19 22:29:25 ----D---- C:\Users\Jiri\AppData\Roaming\Identities
2015-04-19 22:25:43 ----D---- C:\Users\Jiri\AppData\Roaming\Media Center Programs
2015-04-19 22:25:42 ----SD---- C:\Users\Jiri\AppData\Roaming\Microsoft
2015-04-19 22:25:42 ----D---- C:\Users\Jiri\AppData\Roaming\Trusteer
2015-04-19 18:38:51 ----D---- C:\AdwCleaner
2015-04-19 13:19:27 ----D---- C:\Program Files\trend micro
2015-04-19 12:31:19 ----A---- C:\Windows\ntbtlog.txt
2015-04-14 23:31:41 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-04-14 23:31:41 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-04-14 23:31:41 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-04-14 23:31:41 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-04-14 23:31:41 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-04-14 23:31:41 ----A---- C:\Windows\system32\wuwebv.dll
2015-04-14 23:31:41 ----A---- C:\Windows\system32\wups2.dll
2015-04-14 23:31:41 ----A---- C:\Windows\system32\wups.dll
2015-04-14 23:31:41 ----A---- C:\Windows\system32\wudriver.dll
2015-04-14 23:31:41 ----A---- C:\Windows\system32\wucltux.dll
2015-04-14 23:31:41 ----A---- C:\Windows\system32\wuaueng.dll
2015-04-14 23:31:41 ----A---- C:\Windows\system32\wuauclt.exe
2015-04-14 23:31:41 ----A---- C:\Windows\system32\wuapp.exe
2015-04-14 23:31:41 ----A---- C:\Windows\system32\wuapi.dll
2015-04-14 23:31:41 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-04-14 23:31:41 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-04-14 23:31:34 ----A---- C:\Windows\system32\invagent.dll
2015-04-14 23:31:34 ----A---- C:\Windows\system32\generaltel.dll
2015-04-14 23:31:34 ----A---- C:\Windows\system32\devinv.dll
2015-04-14 23:31:34 ----A---- C:\Windows\system32\appraiser.dll
2015-04-14 23:31:34 ----A---- C:\Windows\system32\aeinv.dll
2015-04-14 23:31:34 ----A---- C:\Windows\system32\acmigration.dll
2015-04-14 23:31:33 ----A---- C:\Windows\system32\aepic.dll
2015-04-14 23:31:33 ----A---- C:\Windows\system32\aepdu.dll
2015-04-14 23:31:32 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2015-04-14 23:31:32 ----A---- C:\Windows\system32\gdi32.dll
2015-04-14 23:31:31 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-04-14 23:31:31 ----A---- C:\Windows\system32\msxml3.dll
2015-04-14 23:31:30 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-04-14 23:31:30 ----A---- C:\Windows\system32\msxml3r.dll
2015-04-14 23:31:16 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-04-14 23:31:14 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-04-14 23:31:14 ----A---- C:\Windows\system32\ntdll.dll
2015-04-14 23:31:13 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-04-14 23:31:13 ----A---- C:\Windows\system32\KernelBase.dll
2015-04-14 23:31:13 ----A---- C:\Windows\system32\kernel32.dll
2015-04-14 23:31:11 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-04-14 23:31:10 ----A---- C:\Windows\system32\schannel.dll
2015-04-14 23:31:09 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-04-14 23:31:09 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-04-14 23:31:09 ----A---- C:\Windows\system32\wow64win.dll
2015-04-14 23:31:09 ----A---- C:\Windows\system32\lsasrv.dll
2015-04-14 23:31:08 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-04-14 23:31:08 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-04-14 23:31:08 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-04-14 23:31:08 ----A---- C:\Windows\system32\wow64.dll
2015-04-14 23:31:08 ----A---- C:\Windows\system32\winsrv.dll
2015-04-14 23:31:08 ----A---- C:\Windows\system32\wdigest.dll
2015-04-14 23:31:08 ----A---- C:\Windows\system32\srcore.dll
2015-04-14 23:31:08 ----A---- C:\Windows\system32\rstrui.exe
2015-04-14 23:31:08 ----A---- C:\Windows\system32\ncrypt.dll
2015-04-14 23:31:08 ----A---- C:\Windows\system32\msv1_0.dll
2015-04-14 23:31:08 ----A---- C:\Windows\system32\kerberos.dll
2015-04-14 23:31:08 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-04-14 23:31:08 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-04-14 23:31:08 ----A---- C:\Windows\system32\conhost.exe
2015-04-14 23:31:07 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-04-14 23:31:07 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-04-14 23:31:07 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-04-14 23:31:07 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-04-14 23:31:07 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-04-14 23:31:07 ----A---- C:\Windows\system32\TSpkg.dll
2015-04-14 23:31:07 ----A---- C:\Windows\system32\sspicli.dll
2015-04-14 23:31:07 ----A---- C:\Windows\system32\srclient.dll
2015-04-14 23:31:07 ----A---- C:\Windows\system32\smss.exe
2015-04-14 23:31:07 ----A---- C:\Windows\system32\ntvdm64.dll
2015-04-14 23:31:07 ----A---- C:\Windows\system32\lsass.exe
2015-04-14 23:31:07 ----A---- C:\Windows\system32\csrsrv.dll
2015-04-14 23:31:07 ----A---- C:\Windows\system32\auditpol.exe
2015-04-14 23:31:06 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-04-14 23:31:06 ----A---- C:\Windows\system32\sspisrv.dll
2015-04-14 23:31:06 ----A---- C:\Windows\system32\credssp.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-14 23:31:05 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-04-14 23:31:05 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-04-14 23:31:05 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-04-14 23:31:05 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-04-14 23:31:05 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-04-14 23:31:05 ----A---- C:\Windows\system32\wow64cpu.dll
2015-04-14 23:31:05 ----A---- C:\Windows\system32\secur32.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-14 23:31:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-14 23:31:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-14 23:31:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-14 23:31:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-14 23:31:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-14 23:31:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-14 23:31:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-14 23:31:01 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-14 23:31:01 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-14 23:31:00 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-04-14 23:30:59 ----A---- C:\Windows\SYSWOW64\user.exe
2015-04-14 23:30:59 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-04-14 23:30:59 ----A---- C:\Windows\system32\apisetschema.dll
2015-04-14 23:30:58 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-04-14 23:30:58 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-04-14 23:30:58 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-04-14 23:30:58 ----A---- C:\Windows\system32\msobjs.dll
2015-04-14 23:30:58 ----A---- C:\Windows\system32\msaudite.dll
2015-04-14 23:30:58 ----A---- C:\Windows\system32\adtschema.dll
2015-04-14 23:30:34 ----A---- C:\Windows\system32\drivers\http.sys
2015-04-14 23:30:28 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-04-14 23:30:28 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-04-14 23:30:28 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-04-14 23:30:28 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-04-14 23:30:28 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-04-14 23:30:27 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-04-14 23:30:26 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-04-14 23:30:26 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-04-14 23:30:26 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-04-14 23:30:26 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-04-14 23:30:26 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-04-14 23:30:26 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-04-14 23:30:26 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-14 23:30:26 ----A---- C:\Windows\system32\iernonce.dll
2015-04-14 23:30:26 ----A---- C:\Windows\system32\ie4uinit.exe
2015-04-14 23:30:25 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-04-14 23:30:25 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-04-14 23:30:25 ----A---- C:\Windows\system32\iedkcs32.dll
2015-04-14 23:30:24 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-04-14 23:30:24 ----A---- C:\Windows\system32\urlmon.dll
2015-04-14 23:30:23 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-04-14 23:30:23 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-04-14 23:30:23 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-04-14 23:30:23 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-04-14 23:30:22 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-14 23:30:21 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-04-14 23:30:21 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-04-14 23:30:21 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-04-14 23:30:21 ----A---- C:\Windows\system32\msfeeds.dll
2015-04-14 23:30:21 ----A---- C:\Windows\system32\dxtrans.dll
2015-04-14 23:30:20 ----A---- C:\Windows\system32\iesetup.dll
2015-04-14 23:30:20 ----A---- C:\Windows\system32\ieapfltr.dll
2015-04-14 23:30:19 ----A---- C:\Windows\system32\iertutil.dll
2015-04-14 23:30:18 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-04-14 23:30:18 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-04-14 23:30:18 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-04-14 23:30:17 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-04-14 23:30:17 ----A---- C:\Windows\system32\jsproxy.dll
2015-04-14 23:30:17 ----A---- C:\Windows\system32\ieUnatt.exe
2015-04-14 23:30:16 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-04-14 23:30:15 ----A---- C:\Windows\system32\mshtmled.dll
2015-04-14 23:30:15 ----A---- C:\Windows\system32\ieui.dll
2015-04-14 23:30:15 ----A---- C:\Windows\system32\ieframe.dll
2015-04-14 23:30:15 ----A---- C:\Windows\system32\dxtmsft.dll
2015-04-14 23:30:14 ----A---- C:\Windows\system32\wininet.dll
2015-04-14 23:30:14 ----A---- C:\Windows\system32\vbscript.dll
2015-04-14 23:30:14 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-04-14 23:30:14 ----A---- C:\Windows\system32\jscript9diag.dll
2015-04-14 23:30:14 ----A---- C:\Windows\system32\jscript9.dll
2015-04-14 23:30:13 ----A---- C:\Windows\system32\msrating.dll
2015-04-14 23:30:13 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-04-14 23:30:12 ----A---- C:\Windows\system32\mshtml.dll
2015-04-14 23:29:36 ----A---- C:\Windows\SYSWOW64\clfsw32.dll
2015-04-14 23:29:36 ----A---- C:\Windows\system32\clfsw32.dll
2015-04-14 23:29:36 ----A---- C:\Windows\system32\clfs.sys
2015-04-14 00:03:48 ----D---- C:\AVAST Software
2015-04-10 16:50:35 ----SD---- C:\Windows\SYSWOW64\GWX
2015-04-10 16:50:34 ----SD---- C:\Windows\system32\GWX
======List of files/folders modified in the last 1 month======
2015-05-01 21:32:44 ----D---- C:\Windows\Temp
2015-05-01 21:25:42 ----D---- C:\Windows\system32\config
2015-05-01 21:22:04 ----D---- C:\ProgramData\Real
2015-05-01 21:21:11 ----RD---- C:\Users
2015-05-01 21:15:29 ----D---- C:\Windows\winsxs
2015-05-01 21:14:05 ----A---- C:\Windows\SYSWOW64\log.txt
2015-05-01 21:13:39 ----AD---- C:\Windows
2015-05-01 21:10:53 ----D---- C:\Windows\SYSWOW64\en-US
2015-05-01 21:10:52 ----D---- C:\Windows\SysWOW64
2015-05-01 21:10:51 ----D---- C:\Windows\system32\en-US
2015-05-01 21:10:51 ----D---- C:\Windows\System32
2015-05-01 21:10:49 ----D---- C:\Windows\AppPatch
2015-05-01 21:10:48 ----D---- C:\Windows\system32\drivers
2015-04-29 22:21:02 ----D---- C:\Windows\Prefetch
2015-04-29 00:43:26 ----D---- C:\Windows\rescache
2015-04-28 22:48:41 ----SHD---- C:\System Volume Information
2015-04-28 22:39:48 ----D---- C:\Windows\Microsoft.NET
2015-04-28 22:39:46 ----RSD---- C:\Windows\assembly
2015-04-28 22:36:14 ----D---- C:\Program Files (x86)\Google
2015-04-28 22:28:19 ----D---- C:\Windows\AppCompat
2015-04-28 22:17:09 ----D---- C:\Windows\pss
2015-04-24 08:54:40 ----SHD---- C:\Recovery
2015-04-19 23:08:46 ----SHD---- C:\Windows\Installer
2015-04-19 23:08:27 ----SHD---- C:\Config.Msi
2015-04-19 23:08:07 ----RD---- C:\Program Files (x86)
2015-04-19 23:07:48 ----HD---- C:\ProgramData
2015-04-19 23:01:17 ----D---- C:\ProgramData\Package Cache
2015-04-19 23:01:10 ----D---- C:\Windows\system32\Tasks
2015-04-19 23:01:05 ----D---- C:\Program Files (x86)\Common Files
2015-04-19 22:59:04 ----D---- C:\Program Files (x86)\Vuze
2015-04-19 22:29:14 ----SHD---- C:\$Recycle.Bin
2015-04-19 21:05:26 ----D---- C:\Windows\inf
2015-04-19 21:05:26 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-04-19 13:51:14 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-04-19 13:19:27 ----D---- C:\Program Files
2015-04-19 12:31:39 ----D---- C:\Windows\PolicyDefinitions
2015-04-19 12:31:37 ----SD---- C:\Windows\system32\CompatTel
2015-04-19 12:31:37 ----D---- C:\Windows\system32\appraiser
2015-04-19 12:31:34 ----D---- C:\Program Files\Internet Explorer
2015-04-19 12:31:26 ----D---- C:\Program Files (x86)\Internet Explorer
2015-04-17 07:57:24 ----D---- C:\ProgramData\Microsoft Help
2015-04-16 18:45:01 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-04-16 17:17:36 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-04-16 17:17:22 ----D---- C:\ProgramData\Skype
2015-04-16 17:11:13 ----RD---- C:\Program Files (x86)\Skype
2015-04-16 16:36:42 ----D---- C:\Windows\system32\MRT
2015-04-15 21:03:42 ----D---- C:\Windows\debug
2015-04-15 21:01:49 ----A---- C:\Windows\system32\MRT.exe
2015-04-14 23:47:06 ----D---- C:\Windows\Minidump
2015-04-14 23:47:06 ----D---- C:\Windows\Logs
2015-04-14 23:25:56 ----D---- C:\Windows\system32\catroot2
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-10-02 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-10-02 224896]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-05 408600]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-10-02 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-11-22 1041168]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-10-02 427360]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2014-12-14 487216]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-03 22576]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-03 20016]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-03 60464]
R1 RapportCerberus_80128;RapportCerberus_80128; \??\C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_80128.sys [2015-03-05 844440]
R1 RapportEI64;RapportEI64; \??\C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [2015-03-11 445816]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-10-02 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-10-02 79184]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-10-02 92008]
R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys [2009-11-02 13784]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-08-13 1209856]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-11-06 1550848]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-12-10 6179328]
R3 DKbFltr;Dritek Keyboard Filter Driver (64-bit); C:\Windows\SysWOW64\Drivers\DKbFltr.sys [2009-03-26 25608]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2009-10-26 151936]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-10-28 2018080]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2009-08-06 320040]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2009-05-06 18432]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2009-06-25 205472]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-09-18 292912]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2009-05-06 16896]
R4 RapportIaso;RapportIaso; \??\c:\programdata\trusteer\rapport\store\exts\rapportms\baseline\rapportiaso64.sys [2015-03-05 425752]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-07-23 40448]
S3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2009-06-10 1311232]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20); C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-06-20 54272]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2007-09-17 29184]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RapportKE64;RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [2015-03-11 535576]
S3 RapportPG64;RapportPG64; \??\C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [2015-03-11 558872]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2010-04-27 127488]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2010-04-27 18944]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2010-04-27 161280]
S3 TFsExDisk;TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys [2010-06-14 16448]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 usb_rndisx;USB RNDIS Adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2014-08-16 54784]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ADExchange;ArcSoft Exchange Service; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [2013-10-24 44736]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agr64svc.exe [2009-03-28 16896]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-12-10 202752]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-10-07 60744]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2009-09-30 844320]
R2 Greg_Service;GRegService; C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496]
R2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24 107912]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-10-01 268824]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-09-25 62720]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-06-18 144640]
R2 OpLclSrv;OKI Local Port Manager; C:\Program Files\Okidata\Common\Extend3\portmgrsrv.exe [2011-04-11 169472]
R2 RapportMgmtService;Rapport Management Service; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2015-03-11 1943832]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-10-15 643880]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-05 354840]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-19 268464]
S3 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24 107912]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-25 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-03-13 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-03-26 148080]
S3 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-09-11 305448]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-06-18 50432]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-10-02 50344]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 RealPlayerUpdateSvc;RealPlayer Update Service; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [2014-10-30 31856]
S4 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-02-25 249648]
S4 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S4 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S4 sprtsvc_O2;SupportSoft Sprocket Service (O2); C:\Program Files (x86)\O2\bin\sprtsvc.exe [2009-03-04 202016]
S4 SupportSoft RemoteAssist;SupportSoft RemoteAssist; C:\Program Files (x86)\Common Files\supportsoft\bin\ssrc.exe [2010-09-24 329080]
S4 TurboBoost;TurboBoost; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-11-02 126352]
S4 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2320920]
S4 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]
S4 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-28 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S4 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
-----------------EOF-----------------
Logfile of random's system information tool 1.10 (written by random/random)
Run by Jiri at 2015-05-01 21:37:08
WIN_7 Service Pack 1
System drive C: has 28 GB (6%) free of 464 GB
Total RAM: 3957 MB (66% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:37:12, on 01/05/2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)
Boot mode: Normal
Running processes:
C:\PROGRA~2\SMARTD~1\Messages\SDNotify.exe
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
C:\Windows\PLFSetI.exe
C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
C:\Program Files (x86)\PrintKey2000\Printkey2000.exe
C:\Program Files (x86)\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
C:\Program Files (x86)\O2\bin\sprtcmd.exe
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
C:\Program Files\trend micro\Jiri.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
O4 - HKLM\..\Run: [O2] "C:\Program Files (x86)\O2\bin\sprtcmd.exe" /P O2
O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [EgisTecLiveUpdate] "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - Global Startup: MP3 Rocket (Minimized).lnk = C:\Program Files (x86)\MP3 Rocket\MP3Rocket.exe
O4 - Global Startup: OKI LPR Utility.lnk = C:\Program Files\Okidata\OKI LPR Utility\okilpr.exe
O4 - Global Startup: Printkey2000.lnk = C:\Program Files (x86)\PrintKey2000\Printkey2000.exe
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/v ... .2.5.3.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: ArcSoft Exchange Service (ADExchange) - ArcSoft, Inc. - C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: OKI Local Port Manager (OpLclSrv) - Oki Data Corporation - C:\Program Files\Okidata\Common\Extend3\portmgrsrv.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Rapport Management Service (RapportMgmtService) - IBM Corp. - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
--
End of file - 9941 bytes
======Listing Processes======
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\dsmonitor.job - C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\Norton Security Scan for Schwarzerovi.job - C:\PROGRA~2\NORTON~2\Engine\410~1.28\Nss.exe /scan-quick /scheduled
C:\Windows\tasks\PC SpeedUp Service Deactivator.job - C:\Program Files (x86)\PC Speed Up\PCSUSD.exe /dev0 /idle
C:\Windows\tasks\SDMsgUpdate (TE).job - C:\PROGRA~2\SMARTD~1\Messages\SDNotify.exe -PTE -V21000100 -SSDU.ini -A -Mhttp://www.smartdraw.com/msgs/messagecheck.aspx -D0 -T -N -X
=========Mozilla firefox=========
ProfilePath - C:\Users\Jiri\AppData\Roaming\Mozilla\Firefox\Profiles\gl0wx20e.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.169 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.169 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
C:\Program Files (x86)\Mozilla Firefox\plugins\
nppdf32.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-07 256456]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-02-28 1089288]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-07 194504]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-09-18 1842472]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-10-29 8312352]
"PLFSetI"=C:\Windows\PLFSetI.exe [2010-01-08 200704]
"Network Configuration"=C:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe [2011-10-20 723936]
"mwlDaemon"=C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [2009-09-11 349480]
"IAAnotif"=C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-05 186904]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-07-23 323072]
"Acer ePower Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2009-09-30 823840]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avast]
C:\Program Files\AVAST Software\Avast\avastUI.exe [2014-10-02 4085896]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AvastUI.exe]
C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-10-02 4085896]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NPSStartup"= []
"SunJavaUpdateSched"=C:\Program Files (x86)\Java\jre1.6.0_01\bin\jusched.exe [2007-03-14 83608]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-12-10 98304]
"PlayMovie"=C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [2009-11-12 181480]
"O2"=C:\Program Files (x86)\O2\bin\sprtcmd.exe [2009-03-04 202016]
"NortonOnlineBackupReminder"=C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe UNATTENDED []
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2009-11-02 1094736]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-10-15 157480]
"EgisTecLiveUpdate"=C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [2009-08-04 199464]
"DivXUpdate"=C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2011-03-21 1230704]
"BackupManagerTray"=C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2009-09-25 261888]
"ArcadeDeluxeAgent"=C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [2009-10-29 419112]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-10-11 60712]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe []
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
MP3 Rocket (Minimized).lnk - C:\Program Files (x86)\MP3 Rocket\MP3Rocket.exe
OKI LPR Utility.lnk - C:\Program Files\Okidata\OKI LPR Utility\okilpr.exe
Printkey2000.lnk - C:\Program Files (x86)\PrintKey2000\Printkey2000.exe
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SprtListen]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SprtListenPush]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SupportSoft RemoteAssist]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-05-01 21:37:08 ----D---- C:\rsit
2015-05-01 21:09:39 ----N---- C:\bootsqm.dat
2015-04-24 15:57:56 ----SHD---- C:\found.000
2015-04-24 10:32:47 ----ASH---- C:\pagefile.sys
2015-04-19 22:59:37 ----D---- C:\Users\Jiri\AppData\Roaming\Real
2015-04-19 22:34:30 ----D---- C:\Users\Jiri\AppData\Roaming\Mozilla
2015-04-19 22:33:10 ----D---- C:\Users\Jiri\AppData\Roaming\AVAST Software
2015-04-19 22:32:57 ----D---- C:\Users\Jiri\AppData\Roaming\ATI
2015-04-19 22:32:08 ----D---- C:\Users\Jiri\AppData\Roaming\Apple Computer
2015-04-19 22:31:47 ----D---- C:\Users\Jiri\AppData\Roaming\OkiData
2015-04-19 22:31:47 ----D---- C:\Users\Jiri\AppData\Roaming\Macromedia
2015-04-19 22:30:10 ----D---- C:\Users\Jiri\AppData\Roaming\Adobe
2015-04-19 22:29:25 ----D---- C:\Users\Jiri\AppData\Roaming\Identities
2015-04-19 22:25:43 ----D---- C:\Users\Jiri\AppData\Roaming\Media Center Programs
2015-04-19 22:25:42 ----SD---- C:\Users\Jiri\AppData\Roaming\Microsoft
2015-04-19 22:25:42 ----D---- C:\Users\Jiri\AppData\Roaming\Trusteer
2015-04-19 18:38:51 ----D---- C:\AdwCleaner
2015-04-19 13:19:27 ----D---- C:\Program Files\trend micro
2015-04-19 12:31:19 ----A---- C:\Windows\ntbtlog.txt
2015-04-14 23:31:41 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-04-14 23:31:41 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-04-14 23:31:41 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-04-14 23:31:41 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-04-14 23:31:41 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-04-14 23:31:41 ----A---- C:\Windows\system32\wuwebv.dll
2015-04-14 23:31:41 ----A---- C:\Windows\system32\wups2.dll
2015-04-14 23:31:41 ----A---- C:\Windows\system32\wups.dll
2015-04-14 23:31:41 ----A---- C:\Windows\system32\wudriver.dll
2015-04-14 23:31:41 ----A---- C:\Windows\system32\wucltux.dll
2015-04-14 23:31:41 ----A---- C:\Windows\system32\wuaueng.dll
2015-04-14 23:31:41 ----A---- C:\Windows\system32\wuauclt.exe
2015-04-14 23:31:41 ----A---- C:\Windows\system32\wuapp.exe
2015-04-14 23:31:41 ----A---- C:\Windows\system32\wuapi.dll
2015-04-14 23:31:41 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-04-14 23:31:41 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-04-14 23:31:34 ----A---- C:\Windows\system32\invagent.dll
2015-04-14 23:31:34 ----A---- C:\Windows\system32\generaltel.dll
2015-04-14 23:31:34 ----A---- C:\Windows\system32\devinv.dll
2015-04-14 23:31:34 ----A---- C:\Windows\system32\appraiser.dll
2015-04-14 23:31:34 ----A---- C:\Windows\system32\aeinv.dll
2015-04-14 23:31:34 ----A---- C:\Windows\system32\acmigration.dll
2015-04-14 23:31:33 ----A---- C:\Windows\system32\aepic.dll
2015-04-14 23:31:33 ----A---- C:\Windows\system32\aepdu.dll
2015-04-14 23:31:32 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2015-04-14 23:31:32 ----A---- C:\Windows\system32\gdi32.dll
2015-04-14 23:31:31 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-04-14 23:31:31 ----A---- C:\Windows\system32\msxml3.dll
2015-04-14 23:31:30 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-04-14 23:31:30 ----A---- C:\Windows\system32\msxml3r.dll
2015-04-14 23:31:16 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-04-14 23:31:14 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-04-14 23:31:14 ----A---- C:\Windows\system32\ntdll.dll
2015-04-14 23:31:13 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-04-14 23:31:13 ----A---- C:\Windows\system32\KernelBase.dll
2015-04-14 23:31:13 ----A---- C:\Windows\system32\kernel32.dll
2015-04-14 23:31:11 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-04-14 23:31:10 ----A---- C:\Windows\system32\schannel.dll
2015-04-14 23:31:09 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-04-14 23:31:09 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-04-14 23:31:09 ----A---- C:\Windows\system32\wow64win.dll
2015-04-14 23:31:09 ----A---- C:\Windows\system32\lsasrv.dll
2015-04-14 23:31:08 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-04-14 23:31:08 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-04-14 23:31:08 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-04-14 23:31:08 ----A---- C:\Windows\system32\wow64.dll
2015-04-14 23:31:08 ----A---- C:\Windows\system32\winsrv.dll
2015-04-14 23:31:08 ----A---- C:\Windows\system32\wdigest.dll
2015-04-14 23:31:08 ----A---- C:\Windows\system32\srcore.dll
2015-04-14 23:31:08 ----A---- C:\Windows\system32\rstrui.exe
2015-04-14 23:31:08 ----A---- C:\Windows\system32\ncrypt.dll
2015-04-14 23:31:08 ----A---- C:\Windows\system32\msv1_0.dll
2015-04-14 23:31:08 ----A---- C:\Windows\system32\kerberos.dll
2015-04-14 23:31:08 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-04-14 23:31:08 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-04-14 23:31:08 ----A---- C:\Windows\system32\conhost.exe
2015-04-14 23:31:07 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-04-14 23:31:07 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-04-14 23:31:07 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-04-14 23:31:07 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-04-14 23:31:07 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-04-14 23:31:07 ----A---- C:\Windows\system32\TSpkg.dll
2015-04-14 23:31:07 ----A---- C:\Windows\system32\sspicli.dll
2015-04-14 23:31:07 ----A---- C:\Windows\system32\srclient.dll
2015-04-14 23:31:07 ----A---- C:\Windows\system32\smss.exe
2015-04-14 23:31:07 ----A---- C:\Windows\system32\ntvdm64.dll
2015-04-14 23:31:07 ----A---- C:\Windows\system32\lsass.exe
2015-04-14 23:31:07 ----A---- C:\Windows\system32\csrsrv.dll
2015-04-14 23:31:07 ----A---- C:\Windows\system32\auditpol.exe
2015-04-14 23:31:06 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-04-14 23:31:06 ----A---- C:\Windows\system32\sspisrv.dll
2015-04-14 23:31:06 ----A---- C:\Windows\system32\credssp.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-14 23:31:05 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-04-14 23:31:05 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-04-14 23:31:05 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-04-14 23:31:05 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-04-14 23:31:05 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-04-14 23:31:05 ----A---- C:\Windows\system32\wow64cpu.dll
2015-04-14 23:31:05 ----A---- C:\Windows\system32\secur32.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-14 23:31:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-14 23:31:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-14 23:31:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-14 23:31:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-14 23:31:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-14 23:31:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-14 23:31:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-14 23:31:01 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-14 23:31:01 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-14 23:31:00 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-04-14 23:30:59 ----A---- C:\Windows\SYSWOW64\user.exe
2015-04-14 23:30:59 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-04-14 23:30:59 ----A---- C:\Windows\system32\apisetschema.dll
2015-04-14 23:30:58 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-04-14 23:30:58 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-04-14 23:30:58 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-04-14 23:30:58 ----A---- C:\Windows\system32\msobjs.dll
2015-04-14 23:30:58 ----A---- C:\Windows\system32\msaudite.dll
2015-04-14 23:30:58 ----A---- C:\Windows\system32\adtschema.dll
2015-04-14 23:30:34 ----A---- C:\Windows\system32\drivers\http.sys
2015-04-14 23:30:28 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-04-14 23:30:28 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-04-14 23:30:28 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-04-14 23:30:28 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-04-14 23:30:28 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-04-14 23:30:27 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-04-14 23:30:26 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-04-14 23:30:26 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-04-14 23:30:26 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-04-14 23:30:26 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-04-14 23:30:26 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-04-14 23:30:26 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-04-14 23:30:26 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-14 23:30:26 ----A---- C:\Windows\system32\iernonce.dll
2015-04-14 23:30:26 ----A---- C:\Windows\system32\ie4uinit.exe
2015-04-14 23:30:25 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-04-14 23:30:25 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-04-14 23:30:25 ----A---- C:\Windows\system32\iedkcs32.dll
2015-04-14 23:30:24 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-04-14 23:30:24 ----A---- C:\Windows\system32\urlmon.dll
2015-04-14 23:30:23 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-04-14 23:30:23 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-04-14 23:30:23 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-04-14 23:30:23 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-04-14 23:30:22 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-14 23:30:21 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-04-14 23:30:21 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-04-14 23:30:21 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-04-14 23:30:21 ----A---- C:\Windows\system32\msfeeds.dll
2015-04-14 23:30:21 ----A---- C:\Windows\system32\dxtrans.dll
2015-04-14 23:30:20 ----A---- C:\Windows\system32\iesetup.dll
2015-04-14 23:30:20 ----A---- C:\Windows\system32\ieapfltr.dll
2015-04-14 23:30:19 ----A---- C:\Windows\system32\iertutil.dll
2015-04-14 23:30:18 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-04-14 23:30:18 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-04-14 23:30:18 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-04-14 23:30:17 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-04-14 23:30:17 ----A---- C:\Windows\system32\jsproxy.dll
2015-04-14 23:30:17 ----A---- C:\Windows\system32\ieUnatt.exe
2015-04-14 23:30:16 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-04-14 23:30:15 ----A---- C:\Windows\system32\mshtmled.dll
2015-04-14 23:30:15 ----A---- C:\Windows\system32\ieui.dll
2015-04-14 23:30:15 ----A---- C:\Windows\system32\ieframe.dll
2015-04-14 23:30:15 ----A---- C:\Windows\system32\dxtmsft.dll
2015-04-14 23:30:14 ----A---- C:\Windows\system32\wininet.dll
2015-04-14 23:30:14 ----A---- C:\Windows\system32\vbscript.dll
2015-04-14 23:30:14 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-04-14 23:30:14 ----A---- C:\Windows\system32\jscript9diag.dll
2015-04-14 23:30:14 ----A---- C:\Windows\system32\jscript9.dll
2015-04-14 23:30:13 ----A---- C:\Windows\system32\msrating.dll
2015-04-14 23:30:13 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-04-14 23:30:12 ----A---- C:\Windows\system32\mshtml.dll
2015-04-14 23:29:36 ----A---- C:\Windows\SYSWOW64\clfsw32.dll
2015-04-14 23:29:36 ----A---- C:\Windows\system32\clfsw32.dll
2015-04-14 23:29:36 ----A---- C:\Windows\system32\clfs.sys
2015-04-14 00:03:48 ----D---- C:\AVAST Software
2015-04-10 16:50:35 ----SD---- C:\Windows\SYSWOW64\GWX
2015-04-10 16:50:34 ----SD---- C:\Windows\system32\GWX
======List of files/folders modified in the last 1 month======
2015-05-01 21:32:44 ----D---- C:\Windows\Temp
2015-05-01 21:25:42 ----D---- C:\Windows\system32\config
2015-05-01 21:22:04 ----D---- C:\ProgramData\Real
2015-05-01 21:21:11 ----RD---- C:\Users
2015-05-01 21:15:29 ----D---- C:\Windows\winsxs
2015-05-01 21:14:05 ----A---- C:\Windows\SYSWOW64\log.txt
2015-05-01 21:13:39 ----AD---- C:\Windows
2015-05-01 21:10:53 ----D---- C:\Windows\SYSWOW64\en-US
2015-05-01 21:10:52 ----D---- C:\Windows\SysWOW64
2015-05-01 21:10:51 ----D---- C:\Windows\system32\en-US
2015-05-01 21:10:51 ----D---- C:\Windows\System32
2015-05-01 21:10:49 ----D---- C:\Windows\AppPatch
2015-05-01 21:10:48 ----D---- C:\Windows\system32\drivers
2015-04-29 22:21:02 ----D---- C:\Windows\Prefetch
2015-04-29 00:43:26 ----D---- C:\Windows\rescache
2015-04-28 22:48:41 ----SHD---- C:\System Volume Information
2015-04-28 22:39:48 ----D---- C:\Windows\Microsoft.NET
2015-04-28 22:39:46 ----RSD---- C:\Windows\assembly
2015-04-28 22:36:14 ----D---- C:\Program Files (x86)\Google
2015-04-28 22:28:19 ----D---- C:\Windows\AppCompat
2015-04-28 22:17:09 ----D---- C:\Windows\pss
2015-04-24 08:54:40 ----SHD---- C:\Recovery
2015-04-19 23:08:46 ----SHD---- C:\Windows\Installer
2015-04-19 23:08:27 ----SHD---- C:\Config.Msi
2015-04-19 23:08:07 ----RD---- C:\Program Files (x86)
2015-04-19 23:07:48 ----HD---- C:\ProgramData
2015-04-19 23:01:17 ----D---- C:\ProgramData\Package Cache
2015-04-19 23:01:10 ----D---- C:\Windows\system32\Tasks
2015-04-19 23:01:05 ----D---- C:\Program Files (x86)\Common Files
2015-04-19 22:59:04 ----D---- C:\Program Files (x86)\Vuze
2015-04-19 22:29:14 ----SHD---- C:\$Recycle.Bin
2015-04-19 21:05:26 ----D---- C:\Windows\inf
2015-04-19 21:05:26 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-04-19 13:51:14 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-04-19 13:19:27 ----D---- C:\Program Files
2015-04-19 12:31:39 ----D---- C:\Windows\PolicyDefinitions
2015-04-19 12:31:37 ----SD---- C:\Windows\system32\CompatTel
2015-04-19 12:31:37 ----D---- C:\Windows\system32\appraiser
2015-04-19 12:31:34 ----D---- C:\Program Files\Internet Explorer
2015-04-19 12:31:26 ----D---- C:\Program Files (x86)\Internet Explorer
2015-04-17 07:57:24 ----D---- C:\ProgramData\Microsoft Help
2015-04-16 18:45:01 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-04-16 17:17:36 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-04-16 17:17:22 ----D---- C:\ProgramData\Skype
2015-04-16 17:11:13 ----RD---- C:\Program Files (x86)\Skype
2015-04-16 16:36:42 ----D---- C:\Windows\system32\MRT
2015-04-15 21:03:42 ----D---- C:\Windows\debug
2015-04-15 21:01:49 ----A---- C:\Windows\system32\MRT.exe
2015-04-14 23:47:06 ----D---- C:\Windows\Minidump
2015-04-14 23:47:06 ----D---- C:\Windows\Logs
2015-04-14 23:25:56 ----D---- C:\Windows\system32\catroot2
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-10-02 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-10-02 224896]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-05 408600]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-10-02 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-11-22 1041168]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-10-02 427360]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2014-12-14 487216]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-03 22576]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-03 20016]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-03 60464]
R1 RapportCerberus_80128;RapportCerberus_80128; \??\C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_80128.sys [2015-03-05 844440]
R1 RapportEI64;RapportEI64; \??\C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [2015-03-11 445816]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-10-02 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-10-02 79184]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-10-02 92008]
R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys [2009-11-02 13784]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-08-13 1209856]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-11-06 1550848]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-12-10 6179328]
R3 DKbFltr;Dritek Keyboard Filter Driver (64-bit); C:\Windows\SysWOW64\Drivers\DKbFltr.sys [2009-03-26 25608]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2009-10-26 151936]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-10-28 2018080]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2009-08-06 320040]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2009-05-06 18432]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2009-06-25 205472]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-09-18 292912]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2009-05-06 16896]
R4 RapportIaso;RapportIaso; \??\c:\programdata\trusteer\rapport\store\exts\rapportms\baseline\rapportiaso64.sys [2015-03-05 425752]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-07-23 40448]
S3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2009-06-10 1311232]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20); C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-06-20 54272]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2007-09-17 29184]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RapportKE64;RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [2015-03-11 535576]
S3 RapportPG64;RapportPG64; \??\C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [2015-03-11 558872]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2010-04-27 127488]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2010-04-27 18944]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2010-04-27 161280]
S3 TFsExDisk;TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys [2010-06-14 16448]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 usb_rndisx;USB RNDIS Adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2014-08-16 54784]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ADExchange;ArcSoft Exchange Service; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [2013-10-24 44736]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agr64svc.exe [2009-03-28 16896]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-12-10 202752]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-10-07 60744]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2009-09-30 844320]
R2 Greg_Service;GRegService; C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496]
R2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24 107912]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-10-01 268824]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-09-25 62720]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-06-18 144640]
R2 OpLclSrv;OKI Local Port Manager; C:\Program Files\Okidata\Common\Extend3\portmgrsrv.exe [2011-04-11 169472]
R2 RapportMgmtService;Rapport Management Service; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2015-03-11 1943832]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-10-15 643880]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-05 354840]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-19 268464]
S3 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24 107912]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-25 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-03-13 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-03-26 148080]
S3 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-09-11 305448]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-06-18 50432]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-10-02 50344]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 RealPlayerUpdateSvc;RealPlayer Update Service; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [2014-10-30 31856]
S4 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-02-25 249648]
S4 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S4 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S4 sprtsvc_O2;SupportSoft Sprocket Service (O2); C:\Program Files (x86)\O2\bin\sprtsvc.exe [2009-03-04 202016]
S4 SupportSoft RemoteAssist;SupportSoft RemoteAssist; C:\Program Files (x86)\Common Files\supportsoft\bin\ssrc.exe [2010-09-24 329080]
S4 TurboBoost;TurboBoost; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-11-02 126352]
S4 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2320920]
S4 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]
S4 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-28 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S4 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119677
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Totálně zasekaný notebook
Ještě jednou spusťte OTM tímto skriptem:
a klikněte na >MoveIt!<. Před skenem vypněte antivir a po něm restartujte PC. Dejte nový log RSIT.:files
C:\Program Files (x86)\Google\Google Toolbar
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]/64
:services
BBSvc
c2cautoupdatesvc
c2cpnrsvc
:commands
[Emptytemp]
[Emptyflash]
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Totálně zasekaný notebook
All processes killed
========== FILES ==========
C:\Program Files (x86)\Google\Google Toolbar\Component folder moved successfully.
C:\Program Files (x86)\Google\Google Toolbar folder moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
========== REGISTRY ==========
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar\ deleted successfully.
========== SERVICES/DRIVERS ==========
Service BBSvc stopped successfully!
Service BBSvc deleted successfully!
Service c2cautoupdatesvc stopped successfully!
Service c2cautoupdatesvc deleted successfully!
Service c2cpnrsvc stopped successfully!
Service c2cpnrsvc deleted successfully!
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: AppData
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Jiri
->Temp folder emptied: 251040 bytes
->Temporary Internet Files folder emptied: 10605828 bytes
->FireFox cache emptied: 17488065 bytes
->Flash cache emptied: 567 bytes
User: Public
User: Schwarzerovi
->Temp folder emptied: 1578869138 bytes
->Temporary Internet Files folder emptied: 3030675753 bytes
->Java cache emptied: 8029673 bytes
->FireFox cache emptied: 447345552 bytes
->Google Chrome cache emptied: 15403602 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 105360 bytes
User: TEMP
User: TEMP.Schwarzerovi-PC
User: TEMP.Schwarzerovi-PC.000
->Temporary Internet Files folder emptied: 0 bytes
User: TEMP.Schwarzerovi-PC.001
->Temp folder emptied: 34927 bytes
->Temporary Internet Files folder emptied: 72107 bytes
->FireFox cache emptied: 1121361 bytes
->Flash cache emptied: 75 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 189886006 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 40549 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 42259143 bytes
RecycleBin emptied: 12678152851 bytes
Total Files Cleaned = 17,186.00 mb
[EMPTYFLASH]
User: All Users
User: AppData
User: Default
User: Default User
User: Jiri
->Flash cache emptied: 0 bytes
User: Public
User: Schwarzerovi
->Flash cache emptied: 0 bytes
User: TEMP
User: TEMP.Schwarzerovi-PC
User: TEMP.Schwarzerovi-PC.000
User: TEMP.Schwarzerovi-PC.001
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0.00 mb
OTM by OldTimer - Version 3.1.21.0 log created on 05012015_220636
Files moved on Reboot...
C:\Users\Jiri\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File C:\Users\Schwarzerovi\AppData\Local\Mozilla\Firefox\Profiles\5w1wema7.default\cache2\entries\C5B13CD416A4F9DC60F15E4DBF6C01D0F82D3A5B not found!
File C:\Users\TEMP.Schwarzerovi-PC.001\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!
Registry entries deleted on Reboot...
Logfile of random's system information tool 1.10 (written by random/random)
Run by Jiri at 2015-05-01 22:21:42
WIN_7 Service Pack 1
System drive C: has 44 GB (10%) free of 464 GB
Total RAM: 3957 MB (62% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:21:47, on 01/05/2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
C:\Windows\PLFSetI.exe
C:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe
C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\PrintKey2000\Printkey2000.exe
C:\Program Files (x86)\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
C:\Program Files (x86)\O2\bin\sprtcmd.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Jiri.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
O4 - HKLM\..\Run: [O2] "C:\Program Files (x86)\O2\bin\sprtcmd.exe" /P O2
O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [EgisTecLiveUpdate] "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - Global Startup: MP3 Rocket (Minimized).lnk = C:\Program Files (x86)\MP3 Rocket\MP3Rocket.exe
O4 - Global Startup: OKI LPR Utility.lnk = C:\Program Files\Okidata\OKI LPR Utility\okilpr.exe
O4 - Global Startup: Printkey2000.lnk = C:\Program Files (x86)\PrintKey2000\Printkey2000.exe
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/v ... .2.5.3.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: ArcSoft Exchange Service (ADExchange) - ArcSoft, Inc. - C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: OKI Local Port Manager (OpLclSrv) - Oki Data Corporation - C:\Program Files\Okidata\Common\Extend3\portmgrsrv.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Rapport Management Service (RapportMgmtService) - IBM Corp. - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
--
End of file - 9746 bytes
======Listing Processes======
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\dsmonitor.job - C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe
C:\Windows\tasks\Norton Security Scan for Schwarzerovi.job - C:\PROGRA~2\NORTON~2\Engine\410~1.28\Nss.exe /scan-quick /scheduled
C:\Windows\tasks\PC SpeedUp Service Deactivator.job - C:\Program Files (x86)\PC Speed Up\PCSUSD.exe /dev0 /idle
C:\Windows\tasks\SDMsgUpdate (TE).job - C:\PROGRA~2\SMARTD~1\Messages\SDNotify.exe -PTE -V21000100 -SSDU.ini -A -Mhttp://www.smartdraw.com/msgs/messagecheck.aspx -D0 -T -N -X
=========Mozilla firefox=========
ProfilePath - C:\Users\Jiri\AppData\Roaming\Mozilla\Firefox\Profiles\gl0wx20e.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.169 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.169 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
C:\Program Files (x86)\Mozilla Firefox\plugins\
nppdf32.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-09-18 1842472]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-10-29 8312352]
"PLFSetI"=C:\Windows\PLFSetI.exe [2010-01-08 200704]
"Network Configuration"=C:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe [2011-10-20 723936]
"mwlDaemon"=C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [2009-09-11 349480]
"IAAnotif"=C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-05 186904]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-07-23 323072]
"Acer ePower Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2009-09-30 823840]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avast]
C:\Program Files\AVAST Software\Avast\avastUI.exe [2014-10-02 4085896]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AvastUI.exe]
C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-10-02 4085896]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NPSStartup"= []
"SunJavaUpdateSched"=C:\Program Files (x86)\Java\jre1.6.0_01\bin\jusched.exe [2007-03-14 83608]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-12-10 98304]
"PlayMovie"=C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [2009-11-12 181480]
"O2"=C:\Program Files (x86)\O2\bin\sprtcmd.exe [2009-03-04 202016]
"NortonOnlineBackupReminder"=C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe UNATTENDED []
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2009-11-02 1094736]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-10-15 157480]
"EgisTecLiveUpdate"=C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [2009-08-04 199464]
"DivXUpdate"=C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2011-03-21 1230704]
"BackupManagerTray"=C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2009-09-25 261888]
"ArcadeDeluxeAgent"=C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [2009-10-29 419112]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-10-11 60712]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe []
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
MP3 Rocket (Minimized).lnk - C:\Program Files (x86)\MP3 Rocket\MP3Rocket.exe
OKI LPR Utility.lnk - C:\Program Files\Okidata\OKI LPR Utility\okilpr.exe
Printkey2000.lnk - C:\Program Files (x86)\PrintKey2000\Printkey2000.exe
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SprtListen]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SprtListenPush]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SupportSoft RemoteAssist]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-05-01 22:06:36 ----D---- C:\_OTM
2015-05-01 21:37:08 ----D---- C:\rsit
2015-05-01 21:09:39 ----N---- C:\bootsqm.dat
2015-04-24 15:57:56 ----SHD---- C:\found.000
2015-04-24 10:32:47 ----ASH---- C:\pagefile.sys
2015-04-19 22:59:37 ----D---- C:\Users\Jiri\AppData\Roaming\Real
2015-04-19 22:34:30 ----D---- C:\Users\Jiri\AppData\Roaming\Mozilla
2015-04-19 22:33:10 ----D---- C:\Users\Jiri\AppData\Roaming\AVAST Software
2015-04-19 22:32:57 ----D---- C:\Users\Jiri\AppData\Roaming\ATI
2015-04-19 22:32:08 ----D---- C:\Users\Jiri\AppData\Roaming\Apple Computer
2015-04-19 22:31:47 ----D---- C:\Users\Jiri\AppData\Roaming\OkiData
2015-04-19 22:31:47 ----D---- C:\Users\Jiri\AppData\Roaming\Macromedia
2015-04-19 22:30:10 ----D---- C:\Users\Jiri\AppData\Roaming\Adobe
2015-04-19 22:29:25 ----D---- C:\Users\Jiri\AppData\Roaming\Identities
2015-04-19 22:25:43 ----D---- C:\Users\Jiri\AppData\Roaming\Media Center Programs
2015-04-19 22:25:42 ----SD---- C:\Users\Jiri\AppData\Roaming\Microsoft
2015-04-19 22:25:42 ----D---- C:\Users\Jiri\AppData\Roaming\Trusteer
2015-04-19 18:38:51 ----D---- C:\AdwCleaner
2015-04-19 13:19:27 ----D---- C:\Program Files\trend micro
2015-04-19 12:31:19 ----A---- C:\Windows\ntbtlog.txt
2015-04-14 23:31:41 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-04-14 23:31:41 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-04-14 23:31:41 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-04-14 23:31:41 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-04-14 23:31:41 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-04-14 23:31:41 ----A---- C:\Windows\system32\wuwebv.dll
2015-04-14 23:31:41 ----A---- C:\Windows\system32\wups2.dll
2015-04-14 23:31:41 ----A---- C:\Windows\system32\wups.dll
2015-04-14 23:31:41 ----A---- C:\Windows\system32\wudriver.dll
2015-04-14 23:31:41 ----A---- C:\Windows\system32\wucltux.dll
2015-04-14 23:31:41 ----A---- C:\Windows\system32\wuaueng.dll
2015-04-14 23:31:41 ----A---- C:\Windows\system32\wuauclt.exe
2015-04-14 23:31:41 ----A---- C:\Windows\system32\wuapp.exe
2015-04-14 23:31:41 ----A---- C:\Windows\system32\wuapi.dll
2015-04-14 23:31:41 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-04-14 23:31:41 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-04-14 23:31:34 ----A---- C:\Windows\system32\invagent.dll
2015-04-14 23:31:34 ----A---- C:\Windows\system32\generaltel.dll
2015-04-14 23:31:34 ----A---- C:\Windows\system32\devinv.dll
2015-04-14 23:31:34 ----A---- C:\Windows\system32\appraiser.dll
2015-04-14 23:31:34 ----A---- C:\Windows\system32\aeinv.dll
2015-04-14 23:31:34 ----A---- C:\Windows\system32\acmigration.dll
2015-04-14 23:31:33 ----A---- C:\Windows\system32\aepic.dll
2015-04-14 23:31:33 ----A---- C:\Windows\system32\aepdu.dll
2015-04-14 23:31:32 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2015-04-14 23:31:32 ----A---- C:\Windows\system32\gdi32.dll
2015-04-14 23:31:31 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-04-14 23:31:31 ----A---- C:\Windows\system32\msxml3.dll
2015-04-14 23:31:30 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-04-14 23:31:30 ----A---- C:\Windows\system32\msxml3r.dll
2015-04-14 23:31:16 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-04-14 23:31:14 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-04-14 23:31:14 ----A---- C:\Windows\system32\ntdll.dll
2015-04-14 23:31:13 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-04-14 23:31:13 ----A---- C:\Windows\system32\KernelBase.dll
2015-04-14 23:31:13 ----A---- C:\Windows\system32\kernel32.dll
2015-04-14 23:31:11 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-04-14 23:31:10 ----A---- C:\Windows\system32\schannel.dll
2015-04-14 23:31:09 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-04-14 23:31:09 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-04-14 23:31:09 ----A---- C:\Windows\system32\wow64win.dll
2015-04-14 23:31:09 ----A---- C:\Windows\system32\lsasrv.dll
2015-04-14 23:31:08 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-04-14 23:31:08 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-04-14 23:31:08 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-04-14 23:31:08 ----A---- C:\Windows\system32\wow64.dll
2015-04-14 23:31:08 ----A---- C:\Windows\system32\winsrv.dll
2015-04-14 23:31:08 ----A---- C:\Windows\system32\wdigest.dll
2015-04-14 23:31:08 ----A---- C:\Windows\system32\srcore.dll
2015-04-14 23:31:08 ----A---- C:\Windows\system32\rstrui.exe
2015-04-14 23:31:08 ----A---- C:\Windows\system32\ncrypt.dll
2015-04-14 23:31:08 ----A---- C:\Windows\system32\msv1_0.dll
2015-04-14 23:31:08 ----A---- C:\Windows\system32\kerberos.dll
2015-04-14 23:31:08 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-04-14 23:31:08 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-04-14 23:31:08 ----A---- C:\Windows\system32\conhost.exe
2015-04-14 23:31:07 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-04-14 23:31:07 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-04-14 23:31:07 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-04-14 23:31:07 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-04-14 23:31:07 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-04-14 23:31:07 ----A---- C:\Windows\system32\TSpkg.dll
2015-04-14 23:31:07 ----A---- C:\Windows\system32\sspicli.dll
2015-04-14 23:31:07 ----A---- C:\Windows\system32\srclient.dll
2015-04-14 23:31:07 ----A---- C:\Windows\system32\smss.exe
2015-04-14 23:31:07 ----A---- C:\Windows\system32\ntvdm64.dll
2015-04-14 23:31:07 ----A---- C:\Windows\system32\lsass.exe
2015-04-14 23:31:07 ----A---- C:\Windows\system32\csrsrv.dll
2015-04-14 23:31:07 ----A---- C:\Windows\system32\auditpol.exe
2015-04-14 23:31:06 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-04-14 23:31:06 ----A---- C:\Windows\system32\sspisrv.dll
2015-04-14 23:31:06 ----A---- C:\Windows\system32\credssp.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-14 23:31:05 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-04-14 23:31:05 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-04-14 23:31:05 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-04-14 23:31:05 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-04-14 23:31:05 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-04-14 23:31:05 ----A---- C:\Windows\system32\wow64cpu.dll
2015-04-14 23:31:05 ----A---- C:\Windows\system32\secur32.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-14 23:31:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-14 23:31:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-14 23:31:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-14 23:31:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-14 23:31:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-14 23:31:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-14 23:31:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-14 23:31:01 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-14 23:31:01 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-14 23:31:00 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-04-14 23:30:59 ----A---- C:\Windows\SYSWOW64\user.exe
2015-04-14 23:30:59 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-04-14 23:30:59 ----A---- C:\Windows\system32\apisetschema.dll
2015-04-14 23:30:58 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-04-14 23:30:58 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-04-14 23:30:58 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-04-14 23:30:58 ----A---- C:\Windows\system32\msobjs.dll
2015-04-14 23:30:58 ----A---- C:\Windows\system32\msaudite.dll
2015-04-14 23:30:58 ----A---- C:\Windows\system32\adtschema.dll
2015-04-14 23:30:34 ----A---- C:\Windows\system32\drivers\http.sys
2015-04-14 23:30:28 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-04-14 23:30:28 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-04-14 23:30:28 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-04-14 23:30:28 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-04-14 23:30:28 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-04-14 23:30:27 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-04-14 23:30:26 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-04-14 23:30:26 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-04-14 23:30:26 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-04-14 23:30:26 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-04-14 23:30:26 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-04-14 23:30:26 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-04-14 23:30:26 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-14 23:30:26 ----A---- C:\Windows\system32\iernonce.dll
2015-04-14 23:30:26 ----A---- C:\Windows\system32\ie4uinit.exe
2015-04-14 23:30:25 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-04-14 23:30:25 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-04-14 23:30:25 ----A---- C:\Windows\system32\iedkcs32.dll
2015-04-14 23:30:24 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-04-14 23:30:24 ----A---- C:\Windows\system32\urlmon.dll
2015-04-14 23:30:23 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-04-14 23:30:23 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-04-14 23:30:23 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-04-14 23:30:23 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-04-14 23:30:22 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-14 23:30:21 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-04-14 23:30:21 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-04-14 23:30:21 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-04-14 23:30:21 ----A---- C:\Windows\system32\msfeeds.dll
2015-04-14 23:30:21 ----A---- C:\Windows\system32\dxtrans.dll
2015-04-14 23:30:20 ----A---- C:\Windows\system32\iesetup.dll
2015-04-14 23:30:20 ----A---- C:\Windows\system32\ieapfltr.dll
2015-04-14 23:30:19 ----A---- C:\Windows\system32\iertutil.dll
2015-04-14 23:30:18 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-04-14 23:30:18 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-04-14 23:30:18 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-04-14 23:30:17 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-04-14 23:30:17 ----A---- C:\Windows\system32\jsproxy.dll
2015-04-14 23:30:17 ----A---- C:\Windows\system32\ieUnatt.exe
2015-04-14 23:30:16 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-04-14 23:30:15 ----A---- C:\Windows\system32\mshtmled.dll
2015-04-14 23:30:15 ----A---- C:\Windows\system32\ieui.dll
2015-04-14 23:30:15 ----A---- C:\Windows\system32\ieframe.dll
2015-04-14 23:30:15 ----A---- C:\Windows\system32\dxtmsft.dll
2015-04-14 23:30:14 ----A---- C:\Windows\system32\wininet.dll
2015-04-14 23:30:14 ----A---- C:\Windows\system32\vbscript.dll
2015-04-14 23:30:14 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-04-14 23:30:14 ----A---- C:\Windows\system32\jscript9diag.dll
2015-04-14 23:30:14 ----A---- C:\Windows\system32\jscript9.dll
2015-04-14 23:30:13 ----A---- C:\Windows\system32\msrating.dll
2015-04-14 23:30:13 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-04-14 23:30:12 ----A---- C:\Windows\system32\mshtml.dll
2015-04-14 23:29:36 ----A---- C:\Windows\SYSWOW64\clfsw32.dll
2015-04-14 23:29:36 ----A---- C:\Windows\system32\clfsw32.dll
2015-04-14 23:29:36 ----A---- C:\Windows\system32\clfs.sys
2015-04-14 00:03:48 ----D---- C:\AVAST Software
2015-04-10 16:50:35 ----SD---- C:\Windows\SYSWOW64\GWX
2015-04-10 16:50:34 ----SD---- C:\Windows\system32\GWX
======List of files/folders modified in the last 1 month======
2015-05-01 22:21:15 ----D---- C:\Windows\Temp
2015-05-01 22:19:17 ----A---- C:\Windows\SYSWOW64\log.txt
2015-05-01 22:06:37 ----D---- C:\Windows\Tasks
2015-05-01 22:06:37 ----D---- C:\Program Files (x86)\Google
2015-05-01 21:25:42 ----D---- C:\Windows\system32\config
2015-05-01 21:22:04 ----D---- C:\ProgramData\Real
2015-05-01 21:21:11 ----RD---- C:\Users
2015-05-01 21:15:29 ----D---- C:\Windows\winsxs
2015-05-01 21:13:39 ----AD---- C:\Windows
2015-05-01 21:10:53 ----D---- C:\Windows\SYSWOW64\en-US
2015-05-01 21:10:52 ----D---- C:\Windows\SysWOW64
2015-05-01 21:10:51 ----D---- C:\Windows\system32\en-US
2015-05-01 21:10:51 ----D---- C:\Windows\System32
2015-05-01 21:10:49 ----D---- C:\Windows\AppPatch
2015-05-01 21:10:48 ----D---- C:\Windows\system32\drivers
2015-04-29 22:21:02 ----D---- C:\Windows\Prefetch
2015-04-29 00:43:26 ----D---- C:\Windows\rescache
2015-04-28 22:48:41 ----SHD---- C:\System Volume Information
2015-04-28 22:39:48 ----D---- C:\Windows\Microsoft.NET
2015-04-28 22:39:46 ----RSD---- C:\Windows\assembly
2015-04-28 22:28:19 ----D---- C:\Windows\AppCompat
2015-04-28 22:17:09 ----D---- C:\Windows\pss
2015-04-24 08:54:40 ----SHD---- C:\Recovery
2015-04-19 23:08:46 ----SHD---- C:\Windows\Installer
2015-04-19 23:08:27 ----SHD---- C:\Config.Msi
2015-04-19 23:08:07 ----RD---- C:\Program Files (x86)
2015-04-19 23:07:48 ----HD---- C:\ProgramData
2015-04-19 23:01:17 ----D---- C:\ProgramData\Package Cache
2015-04-19 23:01:10 ----D---- C:\Windows\system32\Tasks
2015-04-19 23:01:05 ----D---- C:\Program Files (x86)\Common Files
2015-04-19 22:59:04 ----D---- C:\Program Files (x86)\Vuze
2015-04-19 22:29:14 ----SHD---- C:\$Recycle.Bin
2015-04-19 21:05:26 ----D---- C:\Windows\inf
2015-04-19 21:05:26 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-04-19 13:51:14 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-04-19 13:19:27 ----D---- C:\Program Files
2015-04-19 12:31:39 ----D---- C:\Windows\PolicyDefinitions
2015-04-19 12:31:37 ----SD---- C:\Windows\system32\CompatTel
2015-04-19 12:31:37 ----D---- C:\Windows\system32\appraiser
2015-04-19 12:31:34 ----D---- C:\Program Files\Internet Explorer
2015-04-19 12:31:26 ----D---- C:\Program Files (x86)\Internet Explorer
2015-04-17 07:57:24 ----D---- C:\ProgramData\Microsoft Help
2015-04-16 18:45:01 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-04-16 17:17:36 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-04-16 17:17:22 ----D---- C:\ProgramData\Skype
2015-04-16 17:11:13 ----RD---- C:\Program Files (x86)\Skype
2015-04-16 16:36:42 ----D---- C:\Windows\system32\MRT
2015-04-15 21:03:42 ----D---- C:\Windows\debug
2015-04-15 21:01:49 ----A---- C:\Windows\system32\MRT.exe
2015-04-14 23:47:06 ----D---- C:\Windows\Minidump
2015-04-14 23:47:06 ----D---- C:\Windows\Logs
2015-04-14 23:25:56 ----D---- C:\Windows\system32\catroot2
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-10-02 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-10-02 224896]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-05 408600]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-10-02 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-11-22 1041168]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-10-02 427360]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2014-12-14 487216]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-03 22576]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-03 20016]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-03 60464]
R1 RapportCerberus_80128;RapportCerberus_80128; \??\C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_80128.sys [2015-03-05 844440]
R1 RapportEI64;RapportEI64; \??\C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [2015-03-11 445816]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-10-02 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-10-02 79184]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-10-02 92008]
R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys [2009-11-02 13784]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-08-13 1209856]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-11-06 1550848]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-12-10 6179328]
R3 DKbFltr;Dritek Keyboard Filter Driver (64-bit); C:\Windows\SysWOW64\Drivers\DKbFltr.sys [2009-03-26 25608]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2009-10-26 151936]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-10-28 2018080]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2009-08-06 320040]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2009-05-06 18432]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2009-06-25 205472]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-09-18 292912]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2009-05-06 16896]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-07-23 40448]
S3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2009-06-10 1311232]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20); C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-06-20 54272]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2007-09-17 29184]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RapportKE64;RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [2015-03-11 535576]
S3 RapportPG64;RapportPG64; \??\C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [2015-03-11 558872]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2010-04-27 127488]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2010-04-27 18944]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2010-04-27 161280]
S3 TFsExDisk;TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys [2010-06-14 16448]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 usb_rndisx;USB RNDIS Adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2014-08-16 54784]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ADExchange;ArcSoft Exchange Service; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [2013-10-24 44736]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agr64svc.exe [2009-03-28 16896]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-12-10 202752]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-10-07 60744]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2009-09-30 844320]
R2 Greg_Service;GRegService; C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-10-01 268824]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-09-25 62720]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-06-18 144640]
R2 OpLclSrv;OKI Local Port Manager; C:\Program Files\Okidata\Common\Extend3\portmgrsrv.exe [2011-04-11 169472]
R2 RapportMgmtService;Rapport Management Service; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2015-03-11 1943832]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-10-15 643880]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24 107912]
S2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-05 354840]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-19 268464]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24 107912]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-25 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-03-13 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-03-26 148080]
S3 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-09-11 305448]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-06-18 50432]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-10-02 50344]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 RealPlayerUpdateSvc;RealPlayer Update Service; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [2014-10-30 31856]
S4 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-02-25 249648]
S4 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S4 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S4 sprtsvc_O2;SupportSoft Sprocket Service (O2); C:\Program Files (x86)\O2\bin\sprtsvc.exe [2009-03-04 202016]
S4 SupportSoft RemoteAssist;SupportSoft RemoteAssist; C:\Program Files (x86)\Common Files\supportsoft\bin\ssrc.exe [2010-09-24 329080]
S4 TurboBoost;TurboBoost; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-11-02 126352]
S4 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2320920]
S4 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]
S4 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-28 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S4 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
-----------------EOF-----------------
========== FILES ==========
C:\Program Files (x86)\Google\Google Toolbar\Component folder moved successfully.
C:\Program Files (x86)\Google\Google Toolbar folder moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
========== REGISTRY ==========
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar\ deleted successfully.
========== SERVICES/DRIVERS ==========
Service BBSvc stopped successfully!
Service BBSvc deleted successfully!
Service c2cautoupdatesvc stopped successfully!
Service c2cautoupdatesvc deleted successfully!
Service c2cpnrsvc stopped successfully!
Service c2cpnrsvc deleted successfully!
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: AppData
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Jiri
->Temp folder emptied: 251040 bytes
->Temporary Internet Files folder emptied: 10605828 bytes
->FireFox cache emptied: 17488065 bytes
->Flash cache emptied: 567 bytes
User: Public
User: Schwarzerovi
->Temp folder emptied: 1578869138 bytes
->Temporary Internet Files folder emptied: 3030675753 bytes
->Java cache emptied: 8029673 bytes
->FireFox cache emptied: 447345552 bytes
->Google Chrome cache emptied: 15403602 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 105360 bytes
User: TEMP
User: TEMP.Schwarzerovi-PC
User: TEMP.Schwarzerovi-PC.000
->Temporary Internet Files folder emptied: 0 bytes
User: TEMP.Schwarzerovi-PC.001
->Temp folder emptied: 34927 bytes
->Temporary Internet Files folder emptied: 72107 bytes
->FireFox cache emptied: 1121361 bytes
->Flash cache emptied: 75 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 189886006 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 40549 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 42259143 bytes
RecycleBin emptied: 12678152851 bytes
Total Files Cleaned = 17,186.00 mb
[EMPTYFLASH]
User: All Users
User: AppData
User: Default
User: Default User
User: Jiri
->Flash cache emptied: 0 bytes
User: Public
User: Schwarzerovi
->Flash cache emptied: 0 bytes
User: TEMP
User: TEMP.Schwarzerovi-PC
User: TEMP.Schwarzerovi-PC.000
User: TEMP.Schwarzerovi-PC.001
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0.00 mb
OTM by OldTimer - Version 3.1.21.0 log created on 05012015_220636
Files moved on Reboot...
C:\Users\Jiri\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File C:\Users\Schwarzerovi\AppData\Local\Mozilla\Firefox\Profiles\5w1wema7.default\cache2\entries\C5B13CD416A4F9DC60F15E4DBF6C01D0F82D3A5B not found!
File C:\Users\TEMP.Schwarzerovi-PC.001\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!
Registry entries deleted on Reboot...
Logfile of random's system information tool 1.10 (written by random/random)
Run by Jiri at 2015-05-01 22:21:42
WIN_7 Service Pack 1
System drive C: has 44 GB (10%) free of 464 GB
Total RAM: 3957 MB (62% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:21:47, on 01/05/2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
C:\Windows\PLFSetI.exe
C:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe
C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\PrintKey2000\Printkey2000.exe
C:\Program Files (x86)\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
C:\Program Files (x86)\O2\bin\sprtcmd.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Jiri.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
O4 - HKLM\..\Run: [O2] "C:\Program Files (x86)\O2\bin\sprtcmd.exe" /P O2
O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [EgisTecLiveUpdate] "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - Global Startup: MP3 Rocket (Minimized).lnk = C:\Program Files (x86)\MP3 Rocket\MP3Rocket.exe
O4 - Global Startup: OKI LPR Utility.lnk = C:\Program Files\Okidata\OKI LPR Utility\okilpr.exe
O4 - Global Startup: Printkey2000.lnk = C:\Program Files (x86)\PrintKey2000\Printkey2000.exe
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/v ... .2.5.3.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: ArcSoft Exchange Service (ADExchange) - ArcSoft, Inc. - C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: OKI Local Port Manager (OpLclSrv) - Oki Data Corporation - C:\Program Files\Okidata\Common\Extend3\portmgrsrv.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Rapport Management Service (RapportMgmtService) - IBM Corp. - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
--
End of file - 9746 bytes
======Listing Processes======
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\dsmonitor.job - C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe
C:\Windows\tasks\Norton Security Scan for Schwarzerovi.job - C:\PROGRA~2\NORTON~2\Engine\410~1.28\Nss.exe /scan-quick /scheduled
C:\Windows\tasks\PC SpeedUp Service Deactivator.job - C:\Program Files (x86)\PC Speed Up\PCSUSD.exe /dev0 /idle
C:\Windows\tasks\SDMsgUpdate (TE).job - C:\PROGRA~2\SMARTD~1\Messages\SDNotify.exe -PTE -V21000100 -SSDU.ini -A -Mhttp://www.smartdraw.com/msgs/messagecheck.aspx -D0 -T -N -X
=========Mozilla firefox=========
ProfilePath - C:\Users\Jiri\AppData\Roaming\Mozilla\Firefox\Profiles\gl0wx20e.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.169 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.169 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
C:\Program Files (x86)\Mozilla Firefox\plugins\
nppdf32.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-09-18 1842472]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-10-29 8312352]
"PLFSetI"=C:\Windows\PLFSetI.exe [2010-01-08 200704]
"Network Configuration"=C:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe [2011-10-20 723936]
"mwlDaemon"=C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [2009-09-11 349480]
"IAAnotif"=C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-05 186904]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-07-23 323072]
"Acer ePower Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2009-09-30 823840]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avast]
C:\Program Files\AVAST Software\Avast\avastUI.exe [2014-10-02 4085896]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AvastUI.exe]
C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-10-02 4085896]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NPSStartup"= []
"SunJavaUpdateSched"=C:\Program Files (x86)\Java\jre1.6.0_01\bin\jusched.exe [2007-03-14 83608]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-12-10 98304]
"PlayMovie"=C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [2009-11-12 181480]
"O2"=C:\Program Files (x86)\O2\bin\sprtcmd.exe [2009-03-04 202016]
"NortonOnlineBackupReminder"=C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe UNATTENDED []
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2009-11-02 1094736]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-10-15 157480]
"EgisTecLiveUpdate"=C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [2009-08-04 199464]
"DivXUpdate"=C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2011-03-21 1230704]
"BackupManagerTray"=C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2009-09-25 261888]
"ArcadeDeluxeAgent"=C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [2009-10-29 419112]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-10-11 60712]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe []
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
MP3 Rocket (Minimized).lnk - C:\Program Files (x86)\MP3 Rocket\MP3Rocket.exe
OKI LPR Utility.lnk - C:\Program Files\Okidata\OKI LPR Utility\okilpr.exe
Printkey2000.lnk - C:\Program Files (x86)\PrintKey2000\Printkey2000.exe
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SprtListen]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SprtListenPush]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SupportSoft RemoteAssist]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-05-01 22:06:36 ----D---- C:\_OTM
2015-05-01 21:37:08 ----D---- C:\rsit
2015-05-01 21:09:39 ----N---- C:\bootsqm.dat
2015-04-24 15:57:56 ----SHD---- C:\found.000
2015-04-24 10:32:47 ----ASH---- C:\pagefile.sys
2015-04-19 22:59:37 ----D---- C:\Users\Jiri\AppData\Roaming\Real
2015-04-19 22:34:30 ----D---- C:\Users\Jiri\AppData\Roaming\Mozilla
2015-04-19 22:33:10 ----D---- C:\Users\Jiri\AppData\Roaming\AVAST Software
2015-04-19 22:32:57 ----D---- C:\Users\Jiri\AppData\Roaming\ATI
2015-04-19 22:32:08 ----D---- C:\Users\Jiri\AppData\Roaming\Apple Computer
2015-04-19 22:31:47 ----D---- C:\Users\Jiri\AppData\Roaming\OkiData
2015-04-19 22:31:47 ----D---- C:\Users\Jiri\AppData\Roaming\Macromedia
2015-04-19 22:30:10 ----D---- C:\Users\Jiri\AppData\Roaming\Adobe
2015-04-19 22:29:25 ----D---- C:\Users\Jiri\AppData\Roaming\Identities
2015-04-19 22:25:43 ----D---- C:\Users\Jiri\AppData\Roaming\Media Center Programs
2015-04-19 22:25:42 ----SD---- C:\Users\Jiri\AppData\Roaming\Microsoft
2015-04-19 22:25:42 ----D---- C:\Users\Jiri\AppData\Roaming\Trusteer
2015-04-19 18:38:51 ----D---- C:\AdwCleaner
2015-04-19 13:19:27 ----D---- C:\Program Files\trend micro
2015-04-19 12:31:19 ----A---- C:\Windows\ntbtlog.txt
2015-04-14 23:31:41 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-04-14 23:31:41 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-04-14 23:31:41 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-04-14 23:31:41 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-04-14 23:31:41 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-04-14 23:31:41 ----A---- C:\Windows\system32\wuwebv.dll
2015-04-14 23:31:41 ----A---- C:\Windows\system32\wups2.dll
2015-04-14 23:31:41 ----A---- C:\Windows\system32\wups.dll
2015-04-14 23:31:41 ----A---- C:\Windows\system32\wudriver.dll
2015-04-14 23:31:41 ----A---- C:\Windows\system32\wucltux.dll
2015-04-14 23:31:41 ----A---- C:\Windows\system32\wuaueng.dll
2015-04-14 23:31:41 ----A---- C:\Windows\system32\wuauclt.exe
2015-04-14 23:31:41 ----A---- C:\Windows\system32\wuapp.exe
2015-04-14 23:31:41 ----A---- C:\Windows\system32\wuapi.dll
2015-04-14 23:31:41 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-04-14 23:31:41 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-04-14 23:31:34 ----A---- C:\Windows\system32\invagent.dll
2015-04-14 23:31:34 ----A---- C:\Windows\system32\generaltel.dll
2015-04-14 23:31:34 ----A---- C:\Windows\system32\devinv.dll
2015-04-14 23:31:34 ----A---- C:\Windows\system32\appraiser.dll
2015-04-14 23:31:34 ----A---- C:\Windows\system32\aeinv.dll
2015-04-14 23:31:34 ----A---- C:\Windows\system32\acmigration.dll
2015-04-14 23:31:33 ----A---- C:\Windows\system32\aepic.dll
2015-04-14 23:31:33 ----A---- C:\Windows\system32\aepdu.dll
2015-04-14 23:31:32 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2015-04-14 23:31:32 ----A---- C:\Windows\system32\gdi32.dll
2015-04-14 23:31:31 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-04-14 23:31:31 ----A---- C:\Windows\system32\msxml3.dll
2015-04-14 23:31:30 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-04-14 23:31:30 ----A---- C:\Windows\system32\msxml3r.dll
2015-04-14 23:31:16 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-04-14 23:31:14 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-04-14 23:31:14 ----A---- C:\Windows\system32\ntdll.dll
2015-04-14 23:31:13 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-04-14 23:31:13 ----A---- C:\Windows\system32\KernelBase.dll
2015-04-14 23:31:13 ----A---- C:\Windows\system32\kernel32.dll
2015-04-14 23:31:11 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-04-14 23:31:10 ----A---- C:\Windows\system32\schannel.dll
2015-04-14 23:31:09 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-04-14 23:31:09 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-04-14 23:31:09 ----A---- C:\Windows\system32\wow64win.dll
2015-04-14 23:31:09 ----A---- C:\Windows\system32\lsasrv.dll
2015-04-14 23:31:08 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-04-14 23:31:08 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-04-14 23:31:08 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-04-14 23:31:08 ----A---- C:\Windows\system32\wow64.dll
2015-04-14 23:31:08 ----A---- C:\Windows\system32\winsrv.dll
2015-04-14 23:31:08 ----A---- C:\Windows\system32\wdigest.dll
2015-04-14 23:31:08 ----A---- C:\Windows\system32\srcore.dll
2015-04-14 23:31:08 ----A---- C:\Windows\system32\rstrui.exe
2015-04-14 23:31:08 ----A---- C:\Windows\system32\ncrypt.dll
2015-04-14 23:31:08 ----A---- C:\Windows\system32\msv1_0.dll
2015-04-14 23:31:08 ----A---- C:\Windows\system32\kerberos.dll
2015-04-14 23:31:08 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-04-14 23:31:08 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-04-14 23:31:08 ----A---- C:\Windows\system32\conhost.exe
2015-04-14 23:31:07 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-04-14 23:31:07 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-04-14 23:31:07 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-04-14 23:31:07 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-04-14 23:31:07 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-04-14 23:31:07 ----A---- C:\Windows\system32\TSpkg.dll
2015-04-14 23:31:07 ----A---- C:\Windows\system32\sspicli.dll
2015-04-14 23:31:07 ----A---- C:\Windows\system32\srclient.dll
2015-04-14 23:31:07 ----A---- C:\Windows\system32\smss.exe
2015-04-14 23:31:07 ----A---- C:\Windows\system32\ntvdm64.dll
2015-04-14 23:31:07 ----A---- C:\Windows\system32\lsass.exe
2015-04-14 23:31:07 ----A---- C:\Windows\system32\csrsrv.dll
2015-04-14 23:31:07 ----A---- C:\Windows\system32\auditpol.exe
2015-04-14 23:31:06 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-04-14 23:31:06 ----A---- C:\Windows\system32\sspisrv.dll
2015-04-14 23:31:06 ----A---- C:\Windows\system32\credssp.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-14 23:31:05 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-14 23:31:05 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-04-14 23:31:05 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-04-14 23:31:05 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-04-14 23:31:05 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-04-14 23:31:05 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-04-14 23:31:05 ----A---- C:\Windows\system32\wow64cpu.dll
2015-04-14 23:31:05 ----A---- C:\Windows\system32\secur32.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-14 23:31:04 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-14 23:31:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-14 23:31:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-14 23:31:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-14 23:31:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-14 23:31:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-14 23:31:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-14 23:31:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-14 23:31:01 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-14 23:31:01 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-14 23:31:00 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-04-14 23:30:59 ----A---- C:\Windows\SYSWOW64\user.exe
2015-04-14 23:30:59 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-04-14 23:30:59 ----A---- C:\Windows\system32\apisetschema.dll
2015-04-14 23:30:58 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-04-14 23:30:58 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-04-14 23:30:58 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-04-14 23:30:58 ----A---- C:\Windows\system32\msobjs.dll
2015-04-14 23:30:58 ----A---- C:\Windows\system32\msaudite.dll
2015-04-14 23:30:58 ----A---- C:\Windows\system32\adtschema.dll
2015-04-14 23:30:34 ----A---- C:\Windows\system32\drivers\http.sys
2015-04-14 23:30:28 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-04-14 23:30:28 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-04-14 23:30:28 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-04-14 23:30:28 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-04-14 23:30:28 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-04-14 23:30:27 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-04-14 23:30:26 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-04-14 23:30:26 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-04-14 23:30:26 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-04-14 23:30:26 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-04-14 23:30:26 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-04-14 23:30:26 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-04-14 23:30:26 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-14 23:30:26 ----A---- C:\Windows\system32\iernonce.dll
2015-04-14 23:30:26 ----A---- C:\Windows\system32\ie4uinit.exe
2015-04-14 23:30:25 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-04-14 23:30:25 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-04-14 23:30:25 ----A---- C:\Windows\system32\iedkcs32.dll
2015-04-14 23:30:24 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-04-14 23:30:24 ----A---- C:\Windows\system32\urlmon.dll
2015-04-14 23:30:23 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-04-14 23:30:23 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-04-14 23:30:23 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-04-14 23:30:23 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-04-14 23:30:22 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-14 23:30:21 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-04-14 23:30:21 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-04-14 23:30:21 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-04-14 23:30:21 ----A---- C:\Windows\system32\msfeeds.dll
2015-04-14 23:30:21 ----A---- C:\Windows\system32\dxtrans.dll
2015-04-14 23:30:20 ----A---- C:\Windows\system32\iesetup.dll
2015-04-14 23:30:20 ----A---- C:\Windows\system32\ieapfltr.dll
2015-04-14 23:30:19 ----A---- C:\Windows\system32\iertutil.dll
2015-04-14 23:30:18 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-04-14 23:30:18 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-04-14 23:30:18 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-04-14 23:30:17 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-04-14 23:30:17 ----A---- C:\Windows\system32\jsproxy.dll
2015-04-14 23:30:17 ----A---- C:\Windows\system32\ieUnatt.exe
2015-04-14 23:30:16 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-04-14 23:30:15 ----A---- C:\Windows\system32\mshtmled.dll
2015-04-14 23:30:15 ----A---- C:\Windows\system32\ieui.dll
2015-04-14 23:30:15 ----A---- C:\Windows\system32\ieframe.dll
2015-04-14 23:30:15 ----A---- C:\Windows\system32\dxtmsft.dll
2015-04-14 23:30:14 ----A---- C:\Windows\system32\wininet.dll
2015-04-14 23:30:14 ----A---- C:\Windows\system32\vbscript.dll
2015-04-14 23:30:14 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-04-14 23:30:14 ----A---- C:\Windows\system32\jscript9diag.dll
2015-04-14 23:30:14 ----A---- C:\Windows\system32\jscript9.dll
2015-04-14 23:30:13 ----A---- C:\Windows\system32\msrating.dll
2015-04-14 23:30:13 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-04-14 23:30:12 ----A---- C:\Windows\system32\mshtml.dll
2015-04-14 23:29:36 ----A---- C:\Windows\SYSWOW64\clfsw32.dll
2015-04-14 23:29:36 ----A---- C:\Windows\system32\clfsw32.dll
2015-04-14 23:29:36 ----A---- C:\Windows\system32\clfs.sys
2015-04-14 00:03:48 ----D---- C:\AVAST Software
2015-04-10 16:50:35 ----SD---- C:\Windows\SYSWOW64\GWX
2015-04-10 16:50:34 ----SD---- C:\Windows\system32\GWX
======List of files/folders modified in the last 1 month======
2015-05-01 22:21:15 ----D---- C:\Windows\Temp
2015-05-01 22:19:17 ----A---- C:\Windows\SYSWOW64\log.txt
2015-05-01 22:06:37 ----D---- C:\Windows\Tasks
2015-05-01 22:06:37 ----D---- C:\Program Files (x86)\Google
2015-05-01 21:25:42 ----D---- C:\Windows\system32\config
2015-05-01 21:22:04 ----D---- C:\ProgramData\Real
2015-05-01 21:21:11 ----RD---- C:\Users
2015-05-01 21:15:29 ----D---- C:\Windows\winsxs
2015-05-01 21:13:39 ----AD---- C:\Windows
2015-05-01 21:10:53 ----D---- C:\Windows\SYSWOW64\en-US
2015-05-01 21:10:52 ----D---- C:\Windows\SysWOW64
2015-05-01 21:10:51 ----D---- C:\Windows\system32\en-US
2015-05-01 21:10:51 ----D---- C:\Windows\System32
2015-05-01 21:10:49 ----D---- C:\Windows\AppPatch
2015-05-01 21:10:48 ----D---- C:\Windows\system32\drivers
2015-04-29 22:21:02 ----D---- C:\Windows\Prefetch
2015-04-29 00:43:26 ----D---- C:\Windows\rescache
2015-04-28 22:48:41 ----SHD---- C:\System Volume Information
2015-04-28 22:39:48 ----D---- C:\Windows\Microsoft.NET
2015-04-28 22:39:46 ----RSD---- C:\Windows\assembly
2015-04-28 22:28:19 ----D---- C:\Windows\AppCompat
2015-04-28 22:17:09 ----D---- C:\Windows\pss
2015-04-24 08:54:40 ----SHD---- C:\Recovery
2015-04-19 23:08:46 ----SHD---- C:\Windows\Installer
2015-04-19 23:08:27 ----SHD---- C:\Config.Msi
2015-04-19 23:08:07 ----RD---- C:\Program Files (x86)
2015-04-19 23:07:48 ----HD---- C:\ProgramData
2015-04-19 23:01:17 ----D---- C:\ProgramData\Package Cache
2015-04-19 23:01:10 ----D---- C:\Windows\system32\Tasks
2015-04-19 23:01:05 ----D---- C:\Program Files (x86)\Common Files
2015-04-19 22:59:04 ----D---- C:\Program Files (x86)\Vuze
2015-04-19 22:29:14 ----SHD---- C:\$Recycle.Bin
2015-04-19 21:05:26 ----D---- C:\Windows\inf
2015-04-19 21:05:26 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-04-19 13:51:14 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-04-19 13:19:27 ----D---- C:\Program Files
2015-04-19 12:31:39 ----D---- C:\Windows\PolicyDefinitions
2015-04-19 12:31:37 ----SD---- C:\Windows\system32\CompatTel
2015-04-19 12:31:37 ----D---- C:\Windows\system32\appraiser
2015-04-19 12:31:34 ----D---- C:\Program Files\Internet Explorer
2015-04-19 12:31:26 ----D---- C:\Program Files (x86)\Internet Explorer
2015-04-17 07:57:24 ----D---- C:\ProgramData\Microsoft Help
2015-04-16 18:45:01 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-04-16 17:17:36 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-04-16 17:17:22 ----D---- C:\ProgramData\Skype
2015-04-16 17:11:13 ----RD---- C:\Program Files (x86)\Skype
2015-04-16 16:36:42 ----D---- C:\Windows\system32\MRT
2015-04-15 21:03:42 ----D---- C:\Windows\debug
2015-04-15 21:01:49 ----A---- C:\Windows\system32\MRT.exe
2015-04-14 23:47:06 ----D---- C:\Windows\Minidump
2015-04-14 23:47:06 ----D---- C:\Windows\Logs
2015-04-14 23:25:56 ----D---- C:\Windows\system32\catroot2
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-10-02 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-10-02 224896]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-05 408600]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-10-02 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-11-22 1041168]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-10-02 427360]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2014-12-14 487216]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-03 22576]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-03 20016]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-03 60464]
R1 RapportCerberus_80128;RapportCerberus_80128; \??\C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_80128.sys [2015-03-05 844440]
R1 RapportEI64;RapportEI64; \??\C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [2015-03-11 445816]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-10-02 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-10-02 79184]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-10-02 92008]
R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys [2009-11-02 13784]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-08-13 1209856]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-11-06 1550848]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-12-10 6179328]
R3 DKbFltr;Dritek Keyboard Filter Driver (64-bit); C:\Windows\SysWOW64\Drivers\DKbFltr.sys [2009-03-26 25608]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2009-10-26 151936]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-10-28 2018080]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2009-08-06 320040]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2009-05-06 18432]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2009-06-25 205472]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-09-18 292912]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2009-05-06 16896]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-07-23 40448]
S3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2009-06-10 1311232]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20); C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-06-20 54272]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2007-09-17 29184]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RapportKE64;RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [2015-03-11 535576]
S3 RapportPG64;RapportPG64; \??\C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [2015-03-11 558872]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2010-04-27 127488]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2010-04-27 18944]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2010-04-27 161280]
S3 TFsExDisk;TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys [2010-06-14 16448]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 usb_rndisx;USB RNDIS Adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2014-08-16 54784]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ADExchange;ArcSoft Exchange Service; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [2013-10-24 44736]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agr64svc.exe [2009-03-28 16896]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-12-10 202752]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-10-07 60744]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2009-09-30 844320]
R2 Greg_Service;GRegService; C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-10-01 268824]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-09-25 62720]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-06-18 144640]
R2 OpLclSrv;OKI Local Port Manager; C:\Program Files\Okidata\Common\Extend3\portmgrsrv.exe [2011-04-11 169472]
R2 RapportMgmtService;Rapport Management Service; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2015-03-11 1943832]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-10-15 643880]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24 107912]
S2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-05 354840]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-19 268464]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24 107912]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-25 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-03-13 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-03-26 148080]
S3 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-09-11 305448]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-06-18 50432]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-10-02 50344]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 RealPlayerUpdateSvc;RealPlayer Update Service; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [2014-10-30 31856]
S4 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-02-25 249648]
S4 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S4 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S4 sprtsvc_O2;SupportSoft Sprocket Service (O2); C:\Program Files (x86)\O2\bin\sprtsvc.exe [2009-03-04 202016]
S4 SupportSoft RemoteAssist;SupportSoft RemoteAssist; C:\Program Files (x86)\Common Files\supportsoft\bin\ssrc.exe [2010-09-24 329080]
S4 TurboBoost;TurboBoost; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-11-02 126352]
S4 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2320920]
S4 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]
S4 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-28 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S4 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119677
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Totálně zasekaný notebook
Log je již OK. Znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?