Please help with advertising junk + RSIT

mordoch2105
Visitor
Posts: 15
Registered: 29 Aug 2013 16:20

#1 Post by mordoch2105 »

Through my own stupidity I downloaded some kind of junk. It shows up by constantly offering me some advertising pages. I can't handle it myself, so I'm asking for help.
Thank you
Tom

Logfile of random's system information tool 1.10 (written by random/random)
Run by TOM DANKA at 2015-09-08 14:28:06
Microsoft Windows 10 Home
System drive C: has 16 GB (21%) free of 75 GB
Total RAM: 2047 MB (30% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:28:23, on 8.9.2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10240.16412)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Windows\vVX3000.exe
C:\Users\TOM\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
C:\Program Files\trend micro\TOM DANKA.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\TOM\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @oem11.inf,%ViaKaraokeSrv.SvcDesc%;VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\WINDOWS\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8439 bytes

======Listing Processes======







C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k GPSvcGroup
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\system32\svchost.exe -k apphost
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\system32\svchost.exe -k iissvcs
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
C:\WINDOWS\system32\viakaraokesrv.exe

C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe" -NetMsmqActivator


C:\WINDOWS\system32\SearchIndexer.exe /Embedding

"C:\Program Files\iPod\bin\iPodService.exe"

C:\WINDOWS\System32\WinLogon.exe -SpecialSession
"dwm.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session
sihost.exe
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\WINDOWS\Explorer.EXE
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-2057203975-1653585335-7935412-10003_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-2057203975-1653585335-7935412-10003 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Windows\vVX3000.exe"
"C:\Program Files\iTunes\iTunesHelper.exe"
"C:\Users\TOM\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel="2540.0.1265736514\1477914010" "C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 2540 "\\.\pipe\gecko-crash-server-pipe.2540" plugin
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\WINDOWS\SYSTEM32\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe" --proxy-stub-channel=Flash3208.713FD388.23863 --host-broker-channel=Flash3208.713FD388.9481 --host-pid=3208 --host-npapi-version=28 --plugin-path="C:\WINDOWS\SYSTEM32\Macromed\Flash\NPSWF32_18_0_0_232.dll"
"C:\WINDOWS\SYSTEM32\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe" --channel=4376.008FF8A4.863779712 --proxy-stub-channel=Flash3208.713FD388.23863 --plugin-path="C:\WINDOWS\SYSTEM32\Macromed\Flash\NPSWF32_18_0_0_232.dll" --host-npapi-version=28 --type=renderer
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Users\TOM\Downloads\RSITx64.exe"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 620 624 632 8192 628
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\Windows Defender\MpCmdRun.exe" SpyNetService -RestrictPrivileges -AccessKey F123DA03-B901-202C-C4BC-7735BE807A3F -Reinvoke

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\TOM\AppData\Roaming\Mozilla\Firefox\Profiles\xdg4xbec.default

prefs.js - "browser.startup.homepage" - "https://mail.radiounited.cz/webmail/log ... om/?_rdr=p"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.60.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.60.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll


C:\Users\TOM\AppData\Roaming\Mozilla\Firefox\Profiles\xdg4xbec.default\extensions\
firefox@helper

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-31 460384]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-31 172640]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-02-20 1793736]
"VX3000"=C:\WINDOWS\vVX3000.exe [2010-05-20 762736]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2015-08-13 170256]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\TOM\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2015-08-20 404064]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-08-04 597552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\River Past\Cam Do\CamDo.exe"="C:\Program Files\River Past\Cam Do\CamDo.exe:*:Enabled:River Past Cam Do"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave9"=wdmaud.drv
"mixer9"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-09-08 14:28:07 ----D---- C:\Program Files\trend micro
2015-09-08 09:04:26 ----A---- C:\AdwCleaner[C3].txt
2015-09-08 08:33:39 ----A---- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
2015-09-08 08:33:19 ----A---- C:\WINDOWS\system32\drivers\mwac.sys
2015-09-08 08:33:19 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2015-09-08 08:33:19 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2015-09-08 08:33:18 ----D---- C:\ProgramData\Malwarebytes
2015-09-08 08:33:18 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-09-08 08:18:06 ----A---- C:\AdwCleaner[C2].txt
2015-09-07 22:18:20 ----D---- C:\Users\TOM\AppData\Roaming\7DaysToDie
2015-09-07 22:02:53 ----D---- C:\Users\TOM\AppData\Roaming\ppslog
2015-09-07 17:11:55 ----ASH---- C:\pagefile.sys
2015-09-07 17:02:38 ----D---- C:\Program Files (x86)\Seznam.cz
2015-09-07 17:01:56 ----D---- C:\Users\TOM\AppData\Roaming\Seznam.cz
2015-09-07 17:01:43 ----D---- C:\Users\TOM\AppData\Roaming\Opera Software
2015-09-07 17:00:02 ----D---- C:\Program Files (x86)\Opera
2015-09-07 16:57:55 ----D---- C:\Users\TOM\AppData\Roaming\Win Cleaner
2015-09-07 16:55:27 ----D---- C:\Program Files (x86)\baidu
2015-09-07 16:53:36 ----D---- C:\Users\TOM\AppData\Roaming\uTorrent
2015-09-02 22:21:14 ----D---- C:\WINDOWS\Panther
2015-09-01 12:36:14 ----D---- C:\Users\TOM\AppData\Roaming\Digiarty
2015-09-01 12:32:32 ----D---- C:\WINDOWS\cs
2015-09-01 12:31:57 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-09-01 12:30:56 ----D---- C:\WINDOWS\PCHEALTH
2015-09-01 12:30:45 ----D---- C:\Program Files (x86)\Windows Live
2015-09-01 12:30:07 ----A---- C:\WINDOWS\SYSWOW64\XAudio2_7.dll
2015-09-01 12:30:07 ----A---- C:\WINDOWS\SYSWOW64\XAPOFX1_5.dll
2015-09-01 12:30:07 ----A---- C:\WINDOWS\system32\XAudio2_7.dll
2015-09-01 12:30:07 ----A---- C:\WINDOWS\system32\XAPOFX1_5.dll
2015-09-01 12:30:06 ----A---- C:\WINDOWS\SYSWOW64\d3dx11_43.dll
2015-09-01 12:30:06 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_43.dll
2015-09-01 12:30:06 ----A---- C:\WINDOWS\system32\d3dx11_43.dll
2015-09-01 12:30:06 ----A---- C:\WINDOWS\system32\D3DCompiler_43.dll
2015-09-01 12:29:59 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_42.dll
2015-09-01 12:29:59 ----A---- C:\WINDOWS\system32\d3dx10_42.dll
2015-09-01 12:29:47 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_32.dll
2015-09-01 12:29:47 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2015-08-31 23:13:44 ----D---- C:\Users\TOM\AppData\Roaming\Sun
2015-08-31 17:02:03 ----D---- C:\WINDOWS\Minidump
2015-08-29 07:17:46 ----A---- C:\WINDOWS\system32\edgehtml.dll
2015-08-29 07:17:44 ----A---- C:\WINDOWS\system32\shell32.dll
2015-08-29 07:17:40 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2015-08-29 07:17:38 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2015-08-29 07:17:37 ----A---- C:\WINDOWS\system32\LicenseManager.dll
2015-08-29 07:17:37 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-29 07:17:36 ----A---- C:\WINDOWS\SYSWOW64\CoreUIComponents.dll
2015-08-29 07:17:36 ----A---- C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-08-29 07:17:36 ----A---- C:\WINDOWS\system32\dwmcore.dll
2015-08-29 07:17:35 ----A---- C:\WINDOWS\SYSWOW64\LicenseManager.dll
2015-08-29 07:17:35 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2015-08-29 07:17:35 ----A---- C:\WINDOWS\system32\wuaueng.dll
2015-08-29 07:17:35 ----A---- C:\WINDOWS\system32\modernexecserver.dll
2015-08-29 07:17:34 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2015-08-29 07:17:34 ----A---- C:\WINDOWS\system32\NetSetupShim.dll
2015-08-29 07:17:33 ----A---- C:\WINDOWS\SYSWOW64\NetSetupShim.dll
2015-08-29 07:17:33 ----A---- C:\WINDOWS\system32\facecredentialprovider.dll
2015-08-29 07:17:33 ----A---- C:\WINDOWS\system32\ci.dll
2015-08-29 07:17:32 ----A---- C:\WINDOWS\system32\NetSetupSvc.dll
2015-08-29 07:17:32 ----A---- C:\WINDOWS\system32\drivers\USBXHCI.SYS
2015-08-29 07:17:32 ----A---- C:\WINDOWS\system32\acmigration.dll
2015-08-29 07:17:31 ----A---- C:\WINDOWS\system32\WlanMediaManager.dll
2015-08-29 07:17:31 ----A---- C:\WINDOWS\system32\wcnwiz.dll
2015-08-29 07:17:31 ----A---- C:\WINDOWS\system32\reseteng.dll
2015-08-29 07:17:31 ----A---- C:\WINDOWS\system32\InstallAgent.exe
2015-08-29 07:17:31 ----A---- C:\WINDOWS\system32\BthRadioMedia.dll
2015-08-29 07:17:30 ----A---- C:\WINDOWS\system32\wlansvc.dll
2015-08-29 07:17:30 ----A---- C:\WINDOWS\system32\wfdprov.dll
2015-08-29 07:17:30 ----A---- C:\WINDOWS\system32\WcnNetsh.dll
2015-08-29 07:17:30 ----A---- C:\WINDOWS\system32\aitstatic.exe
2015-08-29 07:17:29 ----A---- C:\WINDOWS\SYSWOW64\wfdprov.dll
2015-08-29 07:17:29 ----A---- C:\WINDOWS\SYSWOW64\wcnwiz.dll
2015-08-29 07:17:29 ----A---- C:\WINDOWS\SYSWOW64\WcnApi.dll
2015-08-29 07:17:29 ----A---- C:\WINDOWS\system32\WcnApi.dll
2015-08-29 07:17:29 ----A---- C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2015-08-29 07:17:28 ----A---- C:\WINDOWS\system32\fdWCN.dll
2015-08-29 07:17:28 ----A---- C:\WINDOWS\system32\dafWCN.dll
2015-08-29 07:17:28 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-08-29 07:17:28 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-08-29 07:17:27 ----A---- C:\WINDOWS\SYSWOW64\PackageStateRoaming.dll
2015-08-29 07:17:27 ----A---- C:\WINDOWS\SYSWOW64\fdWCN.dll
2015-08-29 07:17:27 ----A---- C:\WINDOWS\system32\vaultsvc.dll
2015-08-29 07:17:27 ----A---- C:\WINDOWS\system32\PackageStateRoaming.dll
2015-08-27 22:05:51 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-08-19 10:22:19 ----A---- C:\WINDOWS\system32\mshtml.dll
2015-08-19 10:22:17 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-19 10:22:15 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2015-08-19 10:22:14 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2015-08-19 10:22:11 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-08-19 10:22:11 ----A---- C:\WINDOWS\system32\tquery.dll
2015-08-19 10:22:10 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Logon.dll
2015-08-19 10:22:10 ----A---- C:\WINDOWS\system32\mssrch.dll
2015-08-19 10:22:10 ----A---- C:\WINDOWS\explorer.exe
2015-08-19 10:22:09 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2015-08-19 10:22:08 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2015-08-19 10:22:08 ----A---- C:\WINDOWS\system32\wlidsvc.dll
2015-08-19 10:22:08 ----A---- C:\WINDOWS\system32\Chakra.dll
2015-08-19 10:22:08 ----A---- C:\WINDOWS\system32\diagtrack.dll
2015-08-19 10:22:07 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2015-08-19 10:22:07 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2015-08-19 10:22:07 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2015-08-19 10:22:06 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2015-08-19 10:22:06 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-08-19 10:22:06 ----A---- C:\WINDOWS\system32\InputService.dll
2015-08-19 10:22:06 ----A---- C:\WINDOWS\system32\iertutil.dll
2015-08-19 10:22:05 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2015-08-19 10:22:05 ----A---- C:\WINDOWS\system32\RDXService.dll
2015-08-19 10:22:04 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.dll
2015-08-19 10:22:03 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2015-08-19 10:22:03 ----A---- C:\WINDOWS\system32\wwansvc.dll
2015-08-19 10:22:03 ----A---- C:\WINDOWS\system32\win32kfull.sys
2015-08-19 10:22:03 ----A---- C:\WINDOWS\system32\LockAppHost.exe
2015-08-19 10:22:02 ----A---- C:\WINDOWS\SYSWOW64\mfplat.dll
2015-08-19 10:22:02 ----A---- C:\WINDOWS\SYSWOW64\LockAppHost.exe
2015-08-19 10:22:02 ----A---- C:\WINDOWS\SYSWOW64\InputService.dll
2015-08-19 10:22:02 ----A---- C:\WINDOWS\system32\UIAutomationCore.dll
2015-08-19 10:22:02 ----A---- C:\WINDOWS\system32\MbaeApiPublic.dll
2015-08-19 10:22:01 ----A---- C:\WINDOWS\SYSWOW64\UIAutomationCore.dll
2015-08-19 10:22:01 ----A---- C:\WINDOWS\SYSWOW64\directmanipulation.dll
2015-08-19 10:22:01 ----A---- C:\WINDOWS\system32\wcmsvc.dll
2015-08-19 10:22:01 ----A---- C:\WINDOWS\system32\directmanipulation.dll
2015-08-19 10:22:01 ----A---- C:\WINDOWS\system32\diagtrack_wininternal.dll
2015-08-19 10:22:01 ----A---- C:\WINDOWS\system32\diagtrack_win.dll
2015-08-19 10:22:00 ----A---- C:\WINDOWS\system32\TextInputFramework.dll
2015-08-19 10:22:00 ----A---- C:\WINDOWS\system32\ReAgent.dll
2015-08-19 10:22:00 ----A---- C:\WINDOWS\system32\mfplat.dll
2015-08-19 10:22:00 ----A---- C:\WINDOWS\system32\MbaeApi.dll
2015-08-19 10:22:00 ----A---- C:\WINDOWS\system32\LocationPermissions.dll
2015-08-19 10:21:59 ----A---- C:\WINDOWS\SYSWOW64\MbaeApiPublic.dll
2015-08-19 10:21:59 ----A---- C:\WINDOWS\SYSWOW64\MbaeApi.dll
2015-08-19 10:21:59 ----A---- C:\WINDOWS\system32\UserMgrProxy.dll
2015-08-19 10:21:59 ----A---- C:\WINDOWS\system32\tetheringservice.dll
2015-08-19 10:21:59 ----A---- C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2015-08-19 10:21:59 ----A---- C:\WINDOWS\system32\drivers\stornvme.sys
2015-08-19 10:21:59 ----A---- C:\WINDOWS\system32\cloudAP.dll
2015-08-19 10:21:58 ----A---- C:\WINDOWS\SYSWOW64\UserMgrProxy.dll
2015-08-19 10:21:58 ----A---- C:\WINDOWS\system32\SearchProtocolHost.exe
2015-08-19 10:21:58 ----A---- C:\WINDOWS\system32\rdbui.dll
2015-08-19 10:21:58 ----A---- C:\WINDOWS\system32\MbaeParserTask.exe
2015-08-19 10:21:58 ----A---- C:\WINDOWS\system32\LocationGeofences.dll
2015-08-19 10:21:57 ----A---- C:\WINDOWS\SYSWOW64\ReAgent.dll
2015-08-19 10:21:57 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2015-08-19 10:21:57 ----A---- C:\WINDOWS\system32\sysmain.dll
2015-08-19 10:21:57 ----A---- C:\WINDOWS\system32\syncutil.dll
2015-08-19 10:21:57 ----A---- C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2015-08-19 10:21:57 ----A---- C:\WINDOWS\system32\LocationFramework.dll
2015-08-19 10:21:56 ----A---- C:\WINDOWS\SYSWOW64\TextInputFramework.dll
2015-08-19 10:21:56 ----A---- C:\WINDOWS\SYSWOW64\OneDriveSettingSyncProvider.dll
2015-08-19 10:21:56 ----A---- C:\WINDOWS\system32\wuautoappupdate.dll
2015-08-19 10:21:56 ----A---- C:\WINDOWS\system32\mfcore.dll
2015-08-19 10:21:56 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2015-08-19 10:21:56 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2015-08-19 10:21:55 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Core.TextInput.dll
2015-08-19 10:21:55 ----A---- C:\WINDOWS\SYSWOW64\tetheringclient.dll
2015-08-19 10:21:55 ----A---- C:\WINDOWS\SYSWOW64\SearchProtocolHost.exe
2015-08-19 10:21:55 ----A---- C:\WINDOWS\system32\tetheringclient.dll
2015-08-19 10:21:55 ----A---- C:\WINDOWS\system32\mssprxy.dll
2015-08-19 10:21:55 ----A---- C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2015-08-19 10:21:55 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2015-08-19 10:21:54 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-19 10:21:54 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-19 10:21:54 ----A---- C:\WINDOWS\system32\GamePanel.exe
2015-08-19 10:21:53 ----A---- C:\WINDOWS\SYSWOW64\ReInfo.dll
2015-08-19 10:21:53 ----A---- C:\WINDOWS\SYSWOW64\GamePanel.exe
2015-08-17 14:12:56 ----A---- C:\AdwCleaner[C1].txt
2015-08-17 10:45:38 ----D---- C:\Program Files (x86)\Google
2015-08-16 17:46:44 ----D---- C:\Program Files (x86)\iTunes
2015-08-16 17:46:43 ----D---- C:\Program Files\iPod
2015-08-16 17:46:36 ----D---- C:\Program Files\iTunes
2015-08-14 17:55:36 ----D---- C:\Users\TOM\AppData\Roaming\Audacity
2015-08-14 17:55:15 ----D---- C:\Program Files (x86)\Audacity
2015-08-12 15:17:14 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerInstaller.exe
2015-08-11 22:41:39 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2015-08-11 22:41:39 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2015-08-11 22:41:27 ----A---- C:\WINDOWS\system32\ieframe.dll
2015-08-11 22:41:25 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2015-08-11 22:41:22 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-08-11 22:41:15 ----A---- C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-08-11 22:41:15 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2015-08-11 22:41:14 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Speech.dll
2015-08-11 22:41:14 ----A---- C:\WINDOWS\system32\DWrite.dll
2015-08-11 22:41:13 ----A---- C:\WINDOWS\SYSWOW64\RemoteNaturalLanguage.dll
2015-08-11 22:41:13 ----A---- C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-08-11 22:41:13 ----A---- C:\WINDOWS\system32\schedsvc.dll
2015-08-11 22:41:13 ----A---- C:\WINDOWS\system32\mf.dll
2015-08-11 22:41:13 ----A---- C:\WINDOWS\system32\LogonController.dll
2015-08-11 22:41:12 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2015-08-11 22:41:12 ----A---- C:\WINDOWS\system32\FntCache.dll
2015-08-11 22:41:11 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2015-08-11 22:41:11 ----A---- C:\WINDOWS\SYSWOW64\LogonController.dll
2015-08-11 22:41:11 ----A---- C:\WINDOWS\system32\win32kbase.sys
2015-08-11 22:41:11 ----A---- C:\WINDOWS\system32\mfsvr.dll
2015-08-11 22:41:10 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.LockScreen.dll
2015-08-11 22:41:10 ----A---- C:\WINDOWS\system32\WWAHost.exe
2015-08-11 22:41:10 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2015-08-11 22:41:10 ----A---- C:\WINDOWS\system32\atmfd.dll
2015-08-11 22:41:09 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2015-08-11 22:41:09 ----A---- C:\WINDOWS\system32\ActionCenter.dll
2015-08-11 22:41:08 ----A---- C:\WINDOWS\SYSWOW64\WWAHost.exe
2015-08-11 22:41:08 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2015-08-11 22:41:08 ----A---- C:\WINDOWS\system32\SubscriptionMgr.dll
2015-08-11 22:41:08 ----A---- C:\WINDOWS\system32\NetworkStatus.dll
2015-08-11 22:41:08 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2015-08-11 22:41:08 ----A---- C:\WINDOWS\system32\drivers\WdiWiFi.sys
2015-08-11 22:41:08 ----A---- C:\WINDOWS\system32\drivers\rdyboost.sys
2015-08-11 22:41:07 ----A---- C:\WINDOWS\SYSWOW64\ActionCenter.dll
2015-08-11 22:41:07 ----A---- C:\WINDOWS\system32\WinBioDataModel.dll
2015-08-11 22:41:07 ----A---- C:\WINDOWS\system32\wifinetworkmanager.dll
2015-08-11 22:41:07 ----A---- C:\WINDOWS\system32\NotificationObjFactory.dll
2015-08-11 22:41:07 ----A---- C:\WINDOWS\system32\msctfuimanager.dll
2015-08-11 22:41:07 ----A---- C:\WINDOWS\system32\drivers\mountmgr.sys
2015-08-11 22:41:06 ----A---- C:\WINDOWS\SYSWOW64\NotificationObjFactory.dll
2015-08-11 22:41:06 ----A---- C:\WINDOWS\SYSWOW64\msctfuimanager.dll
2015-08-11 22:41:06 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2015-08-11 22:41:06 ----A---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2015-08-11 22:41:05 ----A---- C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2015-08-11 22:41:05 ----A---- C:\WINDOWS\system32\VPNv2CSP.dll
2015-08-11 22:41:05 ----A---- C:\WINDOWS\system32\drivers\wof.sys
2015-08-11 22:41:05 ----A---- C:\WINDOWS\system32\configmanager2.dll
2015-08-11 22:41:04 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2015-08-11 22:41:04 ----A---- C:\WINDOWS\system32\ntdll.dll
2015-08-11 22:41:04 ----A---- C:\WINDOWS\system32\notepad.exe
2015-08-11 22:41:04 ----A---- C:\WINDOWS\notepad.exe
2015-08-11 22:41:03 ----A---- C:\WINDOWS\SYSWOW64\notepad.exe
2015-08-11 22:41:03 ----A---- C:\WINDOWS\system32\coredpus.dll
2015-08-11 22:41:02 ----A---- C:\WINDOWS\system32\drivers\wpcfltr.sys
2015-08-11 22:41:01 ----A---- C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2015-08-11 22:41:01 ----A---- C:\WINDOWS\system32\drivers\msgpiowin32.sys
2015-08-11 22:40:57 ----A---- C:\WINDOWS\system32\mfps.dll
2015-08-11 22:40:56 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2015-08-11 22:40:52 ----A---- C:\WINDOWS\SYSWOW64\LockAppBroker.dll
2015-08-11 22:40:52 ----A---- C:\WINDOWS\system32\LockAppBroker.dll
2015-08-11 22:40:51 ----A---- C:\WINDOWS\system32\SharedStartModelShim.dll
2015-08-11 22:40:50 ----A---- C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-08-11 22:40:50 ----A---- C:\WINDOWS\system32\SharedStartModel.dll
2015-08-11 22:40:49 ----A---- C:\WINDOWS\SYSWOW64\VEEventDispatcher.dll
2015-08-11 22:40:49 ----A---- C:\WINDOWS\system32\VEEventDispatcher.dll
2015-08-11 22:40:49 ----A---- C:\WINDOWS\system32\tileobjserver.dll
2015-08-11 22:40:49 ----A---- C:\WINDOWS\system32\SettingsHandlers_UserAccount.dll
2015-08-11 22:40:48 ----A---- C:\WINDOWS\SYSWOW64\VEDataLayerHelpers.dll
2015-08-11 22:40:48 ----A---- C:\WINDOWS\system32\VEDataLayerHelpers.dll
2015-08-11 15:04:54 ----A---- C:\WINDOWS\system32\drivers\ssudmdm.sys
2015-08-11 15:04:39 ----A---- C:\WINDOWS\system32\drivers\ssudbus.sys

======List of files/folders modified in the last 1 month======

2015-09-08 14:28:18 ----D---- C:\WINDOWS\Prefetch
2015-09-08 14:28:07 ----RD---- C:\Program Files
2015-09-08 14:26:46 ----D---- C:\WINDOWS\System32
2015-09-08 14:26:46 ----D---- C:\WINDOWS\INF
2015-09-08 14:26:46 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-08 14:24:33 ----D---- C:\WINDOWS\system32\sru
2015-09-08 14:23:48 ----D---- C:\WINDOWS\Temp
2015-09-08 09:05:18 ----D---- C:\ProgramData\NVIDIA
2015-09-08 09:04:03 ----A---- C:\AdwCleaner[S3].txt
2015-09-08 08:48:37 ----D---- C:\Windows
2015-09-08 08:48:34 ----D---- C:\WINDOWS\system32\drivers
2015-09-08 08:48:34 ----D---- C:\WINDOWS\Cursors
2015-09-08 08:47:41 ----RD---- C:\Program Files (x86)
2015-09-08 08:34:25 ----D---- C:\WINDOWS\SoftwareDistribution
2015-09-08 08:33:55 ----D---- C:\WINDOWS\Logs
2015-09-08 08:33:55 ----D---- C:\WINDOWS\debug
2015-09-08 08:33:18 ----HD---- C:\ProgramData
2015-09-08 08:22:02 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-09-08 08:18:07 ----D---- C:\AdwCleaner
2015-09-08 08:17:51 ----A---- C:\AdwCleaner[S2].txt
2015-09-08 05:00:46 ----D---- C:\WINDOWS\AppReadiness
2015-09-07 22:07:17 ----RSD---- C:\WINDOWS\Fonts
2015-09-07 22:00:05 ----SHD---- C:\WINDOWS\Installer
2015-09-07 22:00:05 ----D---- C:\Config.Msi
2015-09-07 17:42:01 ----D---- C:\WINDOWS\system32\Tasks
2015-09-07 17:26:34 ----D---- C:\WINDOWS\Microsoft.NET
2015-09-07 17:10:47 ----D---- C:\WINDOWS\Tasks
2015-09-07 17:00:39 ----SD---- C:\Users\TOM\AppData\Roaming\Microsoft
2015-09-07 16:59:23 ----SD---- C:\ProgramData\Microsoft
2015-09-07 16:57:48 ----SHD---- C:\$Recycle.Bin
2015-09-06 09:34:21 ----D---- C:\WINDOWS\system32\config
2015-09-05 07:10:07 ----HD---- C:\Program Files\WindowsApps
2015-09-04 10:34:38 ----D---- C:\WINDOWS\system32\DriverStore
2015-09-04 10:34:22 ----D---- C:\WINDOWS\WinSxS
2015-09-04 10:22:48 ----D---- C:\ProgramData\Microsoft Help
2015-09-03 11:20:54 ----D---- C:\WINDOWS\SysWOW64
2015-09-03 11:18:22 ----D---- C:\Program Files (x86)\Common Files
2015-09-03 11:12:13 ----RD---- C:\WINDOWS\assembly
2015-09-03 11:09:35 ----D---- C:\Program Files (x86)\Microsoft Office
2015-09-02 22:22:42 ----A---- C:\WINDOWS\win.ini
2015-09-02 10:01:47 ----D---- C:\Program Files (x86)\Microsoft Works
2015-09-01 12:30:56 ----D---- C:\Program Files\Common Files\microsoft shared
2015-08-31 23:14:35 ----D---- C:\ProgramData\Oracle
2015-08-31 23:14:09 ----D---- C:\Program Files (x86)\Java
2015-08-31 23:13:33 ----A---- C:\WINDOWS\SYSWOW64\WindowsAccessBridge-32.dll
2015-08-30 20:41:21 ----D---- C:\WINDOWS\rescache
2015-08-30 09:07:43 ----D---- C:\WINDOWS\system32\oobe
2015-08-30 09:07:43 ----D---- C:\WINDOWS\system32\drivers\UMDF
2015-08-30 09:07:43 ----D---- C:\WINDOWS\system32\appraiser
2015-08-30 09:07:43 ----D---- C:\WINDOWS\AppPatch
2015-08-30 09:05:59 ----D---- C:\WINDOWS\CbsTemp
2015-08-29 07:12:35 ----D---- C:\WINDOWS\system32\catroot2
2015-08-21 06:32:48 ----D---- C:\MRTVOLA
2015-08-21 03:30:58 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2015-08-21 03:30:57 ----RD---- C:\WINDOWS\DevicesFlow
2015-08-18 23:14:51 ----D---- C:\WINDOWS\ModemLogs
2015-08-17 14:12:32 ----A---- C:\AdwCleaner[S1].txt
2015-08-16 17:46:43 ----D---- C:\Program Files\Common Files\Apple
2015-08-12 06:57:57 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2015-08-12 06:57:56 ----D---- C:\WINDOWS\system32\drivers\cs-CZ
2015-08-12 06:57:56 ----D---- C:\WINDOWS\system32\cs-CZ
2015-08-11 22:44:49 ----D---- C:\WINDOWS\system32\MRT

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2015-07-10 83968]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-07-10 8192]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2015-07-10 48128]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2015-07-10 61952]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [2015-06-18 25816]
R3 MQAC;@mqutil.dll,-6101; C:\WINDOWS\system32\drivers\mqac.sys [2015-07-31 175104]
R3 MTsensor;@oem5.inf,%ASACPI.DisplayName%;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2005-03-29 8192]
R3 NVHDA;@oem10.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2015-02-20 197408]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2015-07-31 12896400]
R3 NVNET;@netnvm64.inf,%NVENETFD.Service.DispName%;NVIDIA nForce Ethernet Driver; C:\WINDOWS\System32\drivers\nvmf6264.sys [2015-07-10 344192]
R3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;Ovladač zvuků USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2015-07-10 131584]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-07-10 104800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-07-10 99168]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2015-07-10 58208]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2015-07-10 58720]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2015-07-10 40288]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-07-10 32256]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2015-07-10 116736]
S3 dg_ssudbus;@oem14.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2015-08-11 108800]
S3 fcvsc;fcvsc; C:\WINDOWS\System32\drivers\fcvsc.sys [2015-07-10 31232]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-07-10 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-07-10 50016]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2015-07-10 424800]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\WINDOWS\system32\drivers\ioqos.sys [2015-07-10 26624]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [2015-09-08 113880]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\WINDOWS\system32\drivers\mwac.sys [2015-06-18 64216]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-07-10 705376]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2015-07-10 76128]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2015-07-17 934752]
S3 ssudmdm;@oem22.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2015-08-11 206080]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension; C:\WINDOWS\System32\Drivers\UcmCx.sys [2015-07-10 61952]
S3 UcmUcsi;@ucmucsi.inf,%UcmUcsi.ServiceName%;USB Connector Manager UCSI Client; C:\WINDOWS\System32\drivers\UcmUcsi.sys [2015-07-14 46080]
S3 UdeCx;USB Device Emulation Support Library; C:\WINDOWS\system32\drivers\udecx.sys [2015-07-10 44032]
S3 Ufx01000;USB Function Class Extension; C:\WINDOWS\system32\drivers\ufx01000.sys [2015-07-10 245088]
S3 UfxChipidea;@ufxchipidea.inf,%UfxChipidea.ServiceName%;USB Chipidea Controller; C:\WINDOWS\System32\drivers\UfxChipidea.sys [2015-07-10 94048]
S3 ufxsynopsys;@ufxsynopsys.inf,%ufxsynopsys.ServiceName%;USB Synopsys Controller; C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2015-07-10 127840]
S3 UrsCx01000;USB Role-Switch Support Library; C:\WINDOWS\system32\drivers\urscx01000.sys [2015-07-10 57696]
S3 UrsChipidea;@urschipidea.inf,%UrsChipidea.ServiceName%;Chipidea USB Role-Switch Driver; C:\WINDOWS\System32\drivers\urschipidea.sys [2015-07-10 28512]
S3 UrsSynopsys;@urssynopsys.inf,%UrsSynopsys.ServiceName%;Synopsys USB Role-Switch Driver; C:\WINDOWS\System32\drivers\urssynopsys.sys [2015-07-10 27488]
S3 USBAAPL64;@oem2.inf,%USBAAPL64.SvcDesc%;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl64.sys [2015-06-10 54784]
S3 usbser;@usbser.inf,%UsbSerial.DriverDesc%;Sériový ovladač USB od společnosti Microsoft; C:\WINDOWS\System32\drivers\usbser.sys [2015-07-24 67072]
S3 vhf;@%SystemRoot%\system32\drivers\vhf.sys,-100; C:\WINDOWS\System32\drivers\vhf.sys [2015-07-10 31744]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-05-29 77128]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R2 MSMQ;@mqutil.dll,-6102; C:\WINDOWS\system32\mqsvc.exe [2015-07-31 26112]
R2 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8195; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-07-10 135848]
R2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8197; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-07-10 135848]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-06-29 932040]
R2 OneSyncSvc_Session2;Hostitel synchronizace_Session2; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-06-29 410952]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R2 UserManager;@%systemroot%\system32\usermgr.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2015-08-13 644880]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R3 PimIndexMaintenanceSvc_Session2;Data kontaktů_Session2; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R3 UnistoreSvc_Session2;Úložiště uživatelských dat_Session2; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R3 UserDataSvc_Session2;Přístup k uživatelským datům_Session2; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R3 UsoSvc;@%systemroot%\system32\usocore.dll,-102; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-06-18 1133880]
S2 NetTcpActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8199; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-07-10 135848]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12 269000]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-07-10 27136]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-06-17 43696]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-08-26 149160]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\lsass.exe [2015-07-10 56344]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2015-07-12 1031680]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 UnistoreSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 UserDataSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-14001; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S4 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-07-10 50352]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119674
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please help with adware + RSIT

#2 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
Click >Scan< first and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

mordoch
Visitor
Posts: 6
Registered: 20 Oct 2013 17:19

Re: Please help with adware + RSIT

#3 Post by mordoch »

Thank you.


Logfile of random's system information tool 1.10 (written by random/random)
Run by TOM DANKA at 2015-09-09 05:17:33
Microsoft Windows 10 Home
System drive C: has 15 GB (20%) free of 75 GB
Total RAM: 2047 MB (47% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 5:17:37, on 9.9.2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10240.16412)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Windows\vVX3000.exe
C:\Users\TOM\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Users\TOM\AppData\Roaming\InetStat\inetstat.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\trend micro\TOM DANKA.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\TOM\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [InetStat] C:\Users\TOM\AppData\Roaming\InetStat\inetstat.exe
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @oem11.inf,%ViaKaraokeSrv.SvcDesc%;VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\WINDOWS\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8320 bytes

======Listing Processes======







C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\system32\svchost.exe -k apphost
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\WINDOWS\system32\svchost.exe -k iissvcs
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\WINDOWS\system32\viakaraokesrv.exe

C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
"C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe" -NetMsmqActivator
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files\iPod\bin\iPodService.exe"



C:\WINDOWS\System32\WinLogon.exe -SpecialSession
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k GPSvcGroup
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session
sihost.exe
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\WINDOWS\Explorer.EXE
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Windows\vVX3000.exe"
"C:\Program Files\iTunes\iTunesHelper.exe"
"C:\Users\TOM\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Users\TOM\AppData\Roaming\InetStat\inetstat.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\Windows\System32\InstallAgent.exe -Embedding
C:\WINDOWS\System32\svchost.exe -k smphost
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe25_ Global\UsGthrCtrlFltPipeMssGthrPipe25 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-2057203975-1653585335-7935412-100026_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-2057203975-1653585335-7935412-100026 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 616 620 628 8192 624
taskeng.exe {8A805A2E-BB41-4464-9934-8A75005B1A12}
"C:\Users\TOM\Downloads\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\TOM\AppData\Roaming\Mozilla\Firefox\Profiles\xdg4xbec.default

prefs.js - "browser.startup.homepage" - "https://mail.radiounited.cz/webmail/log ... om/?_rdr=p"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.60.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.60.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll


C:\Users\TOM\AppData\Roaming\Mozilla\Firefox\Profiles\xdg4xbec.default\extensions\
firefox@helper

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-31 460384]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-31 172640]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-02-20 1793736]
"VX3000"=C:\WINDOWS\vVX3000.exe [2010-05-20 762736]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2015-08-13 170256]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\TOM\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2015-08-20 404064]
"InetStat"=C:\Users\TOM\AppData\Roaming\InetStat\inetstat.exe [2015-09-08 840206]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-08-04 597552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\River Past\Cam Do\CamDo.exe"="C:\Program Files\River Past\Cam Do\CamDo.exe:*:Enabled:River Past Cam Do"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave9"=wdmaud.drv
"mixer9"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-09-08 17:00:08 ----D---- C:\Users\TOM\AppData\Roaming\InetStat
2015-09-08 14:28:07 ----D---- C:\Program Files\trend micro
2015-09-08 09:04:26 ----A---- C:\AdwCleaner[C3].txt
2015-09-08 08:33:39 ----A---- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
2015-09-08 08:33:19 ----A---- C:\WINDOWS\system32\drivers\mwac.sys
2015-09-08 08:33:19 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2015-09-08 08:33:19 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2015-09-08 08:33:18 ----D---- C:\ProgramData\Malwarebytes
2015-09-08 08:33:18 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-09-08 08:18:06 ----A---- C:\AdwCleaner[C2].txt
2015-09-07 22:18:20 ----D---- C:\Users\TOM\AppData\Roaming\7DaysToDie
2015-09-07 22:02:53 ----D---- C:\Users\TOM\AppData\Roaming\ppslog
2015-09-07 17:11:55 ----ASH---- C:\pagefile.sys
2015-09-07 17:02:38 ----D---- C:\Program Files (x86)\Seznam.cz
2015-09-07 17:01:56 ----D---- C:\Users\TOM\AppData\Roaming\Seznam.cz
2015-09-07 17:01:43 ----D---- C:\Users\TOM\AppData\Roaming\Opera Software
2015-09-07 17:00:02 ----D---- C:\Program Files (x86)\Opera
2015-09-07 16:57:55 ----D---- C:\Users\TOM\AppData\Roaming\Win Cleaner
2015-09-07 16:55:27 ----D---- C:\Program Files (x86)\baidu
2015-09-07 16:53:36 ----D---- C:\Users\TOM\AppData\Roaming\uTorrent
2015-09-02 22:21:14 ----D---- C:\WINDOWS\Panther
2015-09-01 12:36:14 ----D---- C:\Users\TOM\AppData\Roaming\Digiarty
2015-09-01 12:32:32 ----D---- C:\WINDOWS\cs
2015-09-01 12:31:57 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-09-01 12:30:56 ----D---- C:\WINDOWS\PCHEALTH
2015-09-01 12:30:45 ----D---- C:\Program Files (x86)\Windows Live
2015-09-01 12:30:07 ----A---- C:\WINDOWS\SYSWOW64\XAudio2_7.dll
2015-09-01 12:30:07 ----A---- C:\WINDOWS\SYSWOW64\XAPOFX1_5.dll
2015-09-01 12:30:07 ----A---- C:\WINDOWS\system32\XAudio2_7.dll
2015-09-01 12:30:07 ----A---- C:\WINDOWS\system32\XAPOFX1_5.dll
2015-09-01 12:30:06 ----A---- C:\WINDOWS\SYSWOW64\d3dx11_43.dll
2015-09-01 12:30:06 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_43.dll
2015-09-01 12:30:06 ----A---- C:\WINDOWS\system32\d3dx11_43.dll
2015-09-01 12:30:06 ----A---- C:\WINDOWS\system32\D3DCompiler_43.dll
2015-09-01 12:29:59 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_42.dll
2015-09-01 12:29:59 ----A---- C:\WINDOWS\system32\d3dx10_42.dll
2015-09-01 12:29:47 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_32.dll
2015-09-01 12:29:47 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2015-08-31 23:13:44 ----D---- C:\Users\TOM\AppData\Roaming\Sun
2015-08-31 17:02:03 ----D---- C:\WINDOWS\Minidump
2015-08-29 07:17:46 ----A---- C:\WINDOWS\system32\edgehtml.dll
2015-08-29 07:17:44 ----A---- C:\WINDOWS\system32\shell32.dll
2015-08-29 07:17:40 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2015-08-29 07:17:38 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2015-08-29 07:17:37 ----A---- C:\WINDOWS\system32\LicenseManager.dll
2015-08-29 07:17:37 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-29 07:17:36 ----A---- C:\WINDOWS\SYSWOW64\CoreUIComponents.dll
2015-08-29 07:17:36 ----A---- C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-08-29 07:17:36 ----A---- C:\WINDOWS\system32\dwmcore.dll
2015-08-29 07:17:35 ----A---- C:\WINDOWS\SYSWOW64\LicenseManager.dll
2015-08-29 07:17:35 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2015-08-29 07:17:35 ----A---- C:\WINDOWS\system32\wuaueng.dll
2015-08-29 07:17:35 ----A---- C:\WINDOWS\system32\modernexecserver.dll
2015-08-29 07:17:34 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2015-08-29 07:17:34 ----A---- C:\WINDOWS\system32\NetSetupShim.dll
2015-08-29 07:17:33 ----A---- C:\WINDOWS\SYSWOW64\NetSetupShim.dll
2015-08-29 07:17:33 ----A---- C:\WINDOWS\system32\facecredentialprovider.dll
2015-08-29 07:17:33 ----A---- C:\WINDOWS\system32\ci.dll
2015-08-29 07:17:32 ----A---- C:\WINDOWS\system32\NetSetupSvc.dll
2015-08-29 07:17:32 ----A---- C:\WINDOWS\system32\drivers\USBXHCI.SYS
2015-08-29 07:17:32 ----A---- C:\WINDOWS\system32\acmigration.dll
2015-08-29 07:17:31 ----A---- C:\WINDOWS\system32\WlanMediaManager.dll
2015-08-29 07:17:31 ----A---- C:\WINDOWS\system32\wcnwiz.dll
2015-08-29 07:17:31 ----A---- C:\WINDOWS\system32\reseteng.dll
2015-08-29 07:17:31 ----A---- C:\WINDOWS\system32\InstallAgent.exe
2015-08-29 07:17:31 ----A---- C:\WINDOWS\system32\BthRadioMedia.dll
2015-08-29 07:17:30 ----A---- C:\WINDOWS\system32\wlansvc.dll
2015-08-29 07:17:30 ----A---- C:\WINDOWS\system32\wfdprov.dll
2015-08-29 07:17:30 ----A---- C:\WINDOWS\system32\WcnNetsh.dll
2015-08-29 07:17:30 ----A---- C:\WINDOWS\system32\aitstatic.exe
2015-08-29 07:17:29 ----A---- C:\WINDOWS\SYSWOW64\wfdprov.dll
2015-08-29 07:17:29 ----A---- C:\WINDOWS\SYSWOW64\wcnwiz.dll
2015-08-29 07:17:29 ----A---- C:\WINDOWS\SYSWOW64\WcnApi.dll
2015-08-29 07:17:29 ----A---- C:\WINDOWS\system32\WcnApi.dll
2015-08-29 07:17:29 ----A---- C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2015-08-29 07:17:28 ----A---- C:\WINDOWS\system32\fdWCN.dll
2015-08-29 07:17:28 ----A---- C:\WINDOWS\system32\dafWCN.dll
2015-08-29 07:17:28 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-08-29 07:17:28 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-08-29 07:17:27 ----A---- C:\WINDOWS\SYSWOW64\PackageStateRoaming.dll
2015-08-29 07:17:27 ----A---- C:\WINDOWS\SYSWOW64\fdWCN.dll
2015-08-29 07:17:27 ----A---- C:\WINDOWS\system32\vaultsvc.dll
2015-08-29 07:17:27 ----A---- C:\WINDOWS\system32\PackageStateRoaming.dll
2015-08-27 22:05:51 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-08-19 10:22:19 ----A---- C:\WINDOWS\system32\mshtml.dll
2015-08-19 10:22:17 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-19 10:22:15 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2015-08-19 10:22:14 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2015-08-19 10:22:11 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-08-19 10:22:11 ----A---- C:\WINDOWS\system32\tquery.dll
2015-08-19 10:22:10 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Logon.dll
2015-08-19 10:22:10 ----A---- C:\WINDOWS\system32\mssrch.dll
2015-08-19 10:22:10 ----A---- C:\WINDOWS\explorer.exe
2015-08-19 10:22:09 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2015-08-19 10:22:08 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2015-08-19 10:22:08 ----A---- C:\WINDOWS\system32\wlidsvc.dll
2015-08-19 10:22:08 ----A---- C:\WINDOWS\system32\Chakra.dll
2015-08-19 10:22:08 ----A---- C:\WINDOWS\system32\diagtrack.dll
2015-08-19 10:22:07 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2015-08-19 10:22:07 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2015-08-19 10:22:07 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2015-08-19 10:22:06 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2015-08-19 10:22:06 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-08-19 10:22:06 ----A---- C:\WINDOWS\system32\InputService.dll
2015-08-19 10:22:06 ----A---- C:\WINDOWS\system32\iertutil.dll
2015-08-19 10:22:05 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2015-08-19 10:22:05 ----A---- C:\WINDOWS\system32\RDXService.dll
2015-08-19 10:22:04 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.dll
2015-08-19 10:22:03 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2015-08-19 10:22:03 ----A---- C:\WINDOWS\system32\wwansvc.dll
2015-08-19 10:22:03 ----A---- C:\WINDOWS\system32\win32kfull.sys
2015-08-19 10:22:03 ----A---- C:\WINDOWS\system32\LockAppHost.exe
2015-08-19 10:22:02 ----A---- C:\WINDOWS\SYSWOW64\mfplat.dll
2015-08-19 10:22:02 ----A---- C:\WINDOWS\SYSWOW64\LockAppHost.exe
2015-08-19 10:22:02 ----A---- C:\WINDOWS\SYSWOW64\InputService.dll
2015-08-19 10:22:02 ----A---- C:\WINDOWS\system32\UIAutomationCore.dll
2015-08-19 10:22:02 ----A---- C:\WINDOWS\system32\MbaeApiPublic.dll
2015-08-19 10:22:01 ----A---- C:\WINDOWS\SYSWOW64\UIAutomationCore.dll
2015-08-19 10:22:01 ----A---- C:\WINDOWS\SYSWOW64\directmanipulation.dll
2015-08-19 10:22:01 ----A---- C:\WINDOWS\system32\wcmsvc.dll
2015-08-19 10:22:01 ----A---- C:\WINDOWS\system32\directmanipulation.dll
2015-08-19 10:22:01 ----A---- C:\WINDOWS\system32\diagtrack_wininternal.dll
2015-08-19 10:22:01 ----A---- C:\WINDOWS\system32\diagtrack_win.dll
2015-08-19 10:22:00 ----A---- C:\WINDOWS\system32\TextInputFramework.dll
2015-08-19 10:22:00 ----A---- C:\WINDOWS\system32\ReAgent.dll
2015-08-19 10:22:00 ----A---- C:\WINDOWS\system32\mfplat.dll
2015-08-19 10:22:00 ----A---- C:\WINDOWS\system32\MbaeApi.dll
2015-08-19 10:22:00 ----A---- C:\WINDOWS\system32\LocationPermissions.dll
2015-08-19 10:21:59 ----A---- C:\WINDOWS\SYSWOW64\MbaeApiPublic.dll
2015-08-19 10:21:59 ----A---- C:\WINDOWS\SYSWOW64\MbaeApi.dll
2015-08-19 10:21:59 ----A---- C:\WINDOWS\system32\UserMgrProxy.dll
2015-08-19 10:21:59 ----A---- C:\WINDOWS\system32\tetheringservice.dll
2015-08-19 10:21:59 ----A---- C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2015-08-19 10:21:59 ----A---- C:\WINDOWS\system32\drivers\stornvme.sys
2015-08-19 10:21:59 ----A---- C:\WINDOWS\system32\cloudAP.dll
2015-08-19 10:21:58 ----A---- C:\WINDOWS\SYSWOW64\UserMgrProxy.dll
2015-08-19 10:21:58 ----A---- C:\WINDOWS\system32\SearchProtocolHost.exe
2015-08-19 10:21:58 ----A---- C:\WINDOWS\system32\rdbui.dll
2015-08-19 10:21:58 ----A---- C:\WINDOWS\system32\MbaeParserTask.exe
2015-08-19 10:21:58 ----A---- C:\WINDOWS\system32\LocationGeofences.dll
2015-08-19 10:21:57 ----A---- C:\WINDOWS\SYSWOW64\ReAgent.dll
2015-08-19 10:21:57 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2015-08-19 10:21:57 ----A---- C:\WINDOWS\system32\sysmain.dll
2015-08-19 10:21:57 ----A---- C:\WINDOWS\system32\syncutil.dll
2015-08-19 10:21:57 ----A---- C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2015-08-19 10:21:57 ----A---- C:\WINDOWS\system32\LocationFramework.dll
2015-08-19 10:21:56 ----A---- C:\WINDOWS\SYSWOW64\TextInputFramework.dll
2015-08-19 10:21:56 ----A---- C:\WINDOWS\SYSWOW64\OneDriveSettingSyncProvider.dll
2015-08-19 10:21:56 ----A---- C:\WINDOWS\system32\wuautoappupdate.dll
2015-08-19 10:21:56 ----A---- C:\WINDOWS\system32\mfcore.dll
2015-08-19 10:21:56 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2015-08-19 10:21:56 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2015-08-19 10:21:55 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Core.TextInput.dll
2015-08-19 10:21:55 ----A---- C:\WINDOWS\SYSWOW64\tetheringclient.dll
2015-08-19 10:21:55 ----A---- C:\WINDOWS\SYSWOW64\SearchProtocolHost.exe
2015-08-19 10:21:55 ----A---- C:\WINDOWS\system32\tetheringclient.dll
2015-08-19 10:21:55 ----A---- C:\WINDOWS\system32\mssprxy.dll
2015-08-19 10:21:55 ----A---- C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2015-08-19 10:21:55 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2015-08-19 10:21:54 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-19 10:21:54 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-19 10:21:54 ----A---- C:\WINDOWS\system32\GamePanel.exe
2015-08-19 10:21:53 ----A---- C:\WINDOWS\SYSWOW64\ReInfo.dll
2015-08-19 10:21:53 ----A---- C:\WINDOWS\SYSWOW64\GamePanel.exe
2015-08-17 14:12:56 ----A---- C:\AdwCleaner[C1].txt
2015-08-17 10:45:38 ----D---- C:\Program Files (x86)\Google
2015-08-16 17:46:44 ----D---- C:\Program Files (x86)\iTunes
2015-08-16 17:46:43 ----D---- C:\Program Files\iPod
2015-08-16 17:46:36 ----D---- C:\Program Files\iTunes
2015-08-14 17:55:36 ----D---- C:\Users\TOM\AppData\Roaming\Audacity
2015-08-14 17:55:15 ----D---- C:\Program Files (x86)\Audacity
2015-08-12 15:17:14 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerInstaller.exe
2015-08-11 22:41:39 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2015-08-11 22:41:39 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2015-08-11 22:41:27 ----A---- C:\WINDOWS\system32\ieframe.dll
2015-08-11 22:41:25 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2015-08-11 22:41:22 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-08-11 22:41:15 ----A---- C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-08-11 22:41:15 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2015-08-11 22:41:14 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Speech.dll
2015-08-11 22:41:14 ----A---- C:\WINDOWS\system32\DWrite.dll
2015-08-11 22:41:13 ----A---- C:\WINDOWS\SYSWOW64\RemoteNaturalLanguage.dll
2015-08-11 22:41:13 ----A---- C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-08-11 22:41:13 ----A---- C:\WINDOWS\system32\schedsvc.dll
2015-08-11 22:41:13 ----A---- C:\WINDOWS\system32\mf.dll
2015-08-11 22:41:13 ----A---- C:\WINDOWS\system32\LogonController.dll
2015-08-11 22:41:12 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2015-08-11 22:41:12 ----A---- C:\WINDOWS\system32\FntCache.dll
2015-08-11 22:41:11 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2015-08-11 22:41:11 ----A---- C:\WINDOWS\SYSWOW64\LogonController.dll
2015-08-11 22:41:11 ----A---- C:\WINDOWS\system32\win32kbase.sys
2015-08-11 22:41:11 ----A---- C:\WINDOWS\system32\mfsvr.dll
2015-08-11 22:41:10 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.LockScreen.dll
2015-08-11 22:41:10 ----A---- C:\WINDOWS\system32\WWAHost.exe
2015-08-11 22:41:10 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2015-08-11 22:41:10 ----A---- C:\WINDOWS\system32\atmfd.dll
2015-08-11 22:41:09 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2015-08-11 22:41:09 ----A---- C:\WINDOWS\system32\ActionCenter.dll
2015-08-11 22:41:08 ----A---- C:\WINDOWS\SYSWOW64\WWAHost.exe
2015-08-11 22:41:08 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2015-08-11 22:41:08 ----A---- C:\WINDOWS\system32\SubscriptionMgr.dll
2015-08-11 22:41:08 ----A---- C:\WINDOWS\system32\NetworkStatus.dll
2015-08-11 22:41:08 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2015-08-11 22:41:08 ----A---- C:\WINDOWS\system32\drivers\WdiWiFi.sys
2015-08-11 22:41:08 ----A---- C:\WINDOWS\system32\drivers\rdyboost.sys
2015-08-11 22:41:07 ----A---- C:\WINDOWS\SYSWOW64\ActionCenter.dll
2015-08-11 22:41:07 ----A---- C:\WINDOWS\system32\WinBioDataModel.dll
2015-08-11 22:41:07 ----A---- C:\WINDOWS\system32\wifinetworkmanager.dll
2015-08-11 22:41:07 ----A---- C:\WINDOWS\system32\NotificationObjFactory.dll
2015-08-11 22:41:07 ----A---- C:\WINDOWS\system32\msctfuimanager.dll
2015-08-11 22:41:07 ----A---- C:\WINDOWS\system32\drivers\mountmgr.sys
2015-08-11 22:41:06 ----A---- C:\WINDOWS\SYSWOW64\NotificationObjFactory.dll
2015-08-11 22:41:06 ----A---- C:\WINDOWS\SYSWOW64\msctfuimanager.dll
2015-08-11 22:41:06 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2015-08-11 22:41:06 ----A---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2015-08-11 22:41:05 ----A---- C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2015-08-11 22:41:05 ----A---- C:\WINDOWS\system32\VPNv2CSP.dll
2015-08-11 22:41:05 ----A---- C:\WINDOWS\system32\drivers\wof.sys
2015-08-11 22:41:05 ----A---- C:\WINDOWS\system32\configmanager2.dll
2015-08-11 22:41:04 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2015-08-11 22:41:04 ----A---- C:\WINDOWS\system32\ntdll.dll
2015-08-11 22:41:04 ----A---- C:\WINDOWS\system32\notepad.exe
2015-08-11 22:41:04 ----A---- C:\WINDOWS\notepad.exe
2015-08-11 22:41:03 ----A---- C:\WINDOWS\SYSWOW64\notepad.exe
2015-08-11 22:41:03 ----A---- C:\WINDOWS\system32\coredpus.dll
2015-08-11 22:41:02 ----A---- C:\WINDOWS\system32\drivers\wpcfltr.sys
2015-08-11 22:41:01 ----A---- C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2015-08-11 22:41:01 ----A---- C:\WINDOWS\system32\drivers\msgpiowin32.sys
2015-08-11 22:40:57 ----A---- C:\WINDOWS\system32\mfps.dll
2015-08-11 22:40:56 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2015-08-11 22:40:52 ----A---- C:\WINDOWS\SYSWOW64\LockAppBroker.dll
2015-08-11 22:40:52 ----A---- C:\WINDOWS\system32\LockAppBroker.dll
2015-08-11 22:40:51 ----A---- C:\WINDOWS\system32\SharedStartModelShim.dll
2015-08-11 22:40:50 ----A---- C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-08-11 22:40:50 ----A---- C:\WINDOWS\system32\SharedStartModel.dll
2015-08-11 22:40:49 ----A---- C:\WINDOWS\SYSWOW64\VEEventDispatcher.dll
2015-08-11 22:40:49 ----A---- C:\WINDOWS\system32\VEEventDispatcher.dll
2015-08-11 22:40:49 ----A---- C:\WINDOWS\system32\tileobjserver.dll
2015-08-11 22:40:49 ----A---- C:\WINDOWS\system32\SettingsHandlers_UserAccount.dll
2015-08-11 22:40:48 ----A---- C:\WINDOWS\SYSWOW64\VEDataLayerHelpers.dll
2015-08-11 22:40:48 ----A---- C:\WINDOWS\system32\VEDataLayerHelpers.dll
2015-08-11 15:04:54 ----A---- C:\WINDOWS\system32\drivers\ssudmdm.sys
2015-08-11 15:04:39 ----A---- C:\WINDOWS\system32\drivers\ssudbus.sys

======List of files/folders modified in the last 1 month======

2015-09-09 05:17:18 ----D---- C:\WINDOWS\Prefetch
2015-09-09 05:17:01 ----D---- C:\WINDOWS\Temp
2015-09-09 05:17:01 ----D---- C:\WINDOWS\AppReadiness
2015-09-09 05:16:56 ----HD---- C:\Program Files\WindowsApps
2015-09-09 05:11:29 ----D---- C:\WINDOWS\system32\sru
2015-09-09 05:11:01 ----D---- C:\WINDOWS\System32
2015-09-08 15:30:55 ----D---- C:\WINDOWS\Microsoft.NET
2015-09-08 15:19:40 ----D---- C:\WINDOWS\INF
2015-09-08 15:19:40 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-08 15:13:42 ----D---- C:\ProgramData\NVIDIA
2015-09-08 15:12:42 ----D---- C:\AdwCleaner
2015-09-08 14:28:07 ----RD---- C:\Program Files
2015-09-08 09:04:03 ----A---- C:\AdwCleaner[S3].txt
2015-09-08 08:48:37 ----D---- C:\Windows
2015-09-08 08:48:34 ----D---- C:\WINDOWS\system32\drivers
2015-09-08 08:48:34 ----D---- C:\WINDOWS\Cursors
2015-09-08 08:47:41 ----RD---- C:\Program Files (x86)
2015-09-08 08:34:25 ----D---- C:\WINDOWS\SoftwareDistribution
2015-09-08 08:33:55 ----D---- C:\WINDOWS\Logs
2015-09-08 08:33:55 ----D---- C:\WINDOWS\debug
2015-09-08 08:33:18 ----HD---- C:\ProgramData
2015-09-08 08:22:02 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-09-08 08:17:51 ----A---- C:\AdwCleaner[S2].txt
2015-09-07 22:07:17 ----RSD---- C:\WINDOWS\Fonts
2015-09-07 22:00:05 ----SHD---- C:\WINDOWS\Installer
2015-09-07 22:00:05 ----D---- C:\Config.Msi
2015-09-07 17:42:01 ----D---- C:\WINDOWS\system32\Tasks
2015-09-07 17:10:47 ----D---- C:\WINDOWS\Tasks
2015-09-07 17:00:39 ----SD---- C:\Users\TOM\AppData\Roaming\Microsoft
2015-09-07 16:59:23 ----SD---- C:\ProgramData\Microsoft
2015-09-07 16:57:48 ----SHD---- C:\$Recycle.Bin
2015-09-06 09:34:21 ----D---- C:\WINDOWS\system32\config
2015-09-04 10:34:38 ----D---- C:\WINDOWS\system32\DriverStore
2015-09-04 10:34:22 ----D---- C:\WINDOWS\WinSxS
2015-09-04 10:22:48 ----D---- C:\ProgramData\Microsoft Help
2015-09-03 11:20:54 ----D---- C:\WINDOWS\SysWOW64
2015-09-03 11:18:22 ----D---- C:\Program Files (x86)\Common Files
2015-09-03 11:12:13 ----RD---- C:\WINDOWS\assembly
2015-09-03 11:09:35 ----D---- C:\Program Files (x86)\Microsoft Office
2015-09-02 22:22:42 ----A---- C:\WINDOWS\win.ini
2015-09-02 10:01:47 ----D---- C:\Program Files (x86)\Microsoft Works
2015-09-01 12:30:56 ----D---- C:\Program Files\Common Files\microsoft shared
2015-08-31 23:14:35 ----D---- C:\ProgramData\Oracle
2015-08-31 23:14:09 ----D---- C:\Program Files (x86)\Java
2015-08-31 23:13:33 ----A---- C:\WINDOWS\SYSWOW64\WindowsAccessBridge-32.dll
2015-08-30 20:41:21 ----D---- C:\WINDOWS\rescache
2015-08-30 09:07:43 ----D---- C:\WINDOWS\system32\oobe
2015-08-30 09:07:43 ----D---- C:\WINDOWS\system32\drivers\UMDF
2015-08-30 09:07:43 ----D---- C:\WINDOWS\system32\appraiser
2015-08-30 09:07:43 ----D---- C:\WINDOWS\AppPatch
2015-08-30 09:05:59 ----D---- C:\WINDOWS\CbsTemp
2015-08-29 07:12:35 ----D---- C:\WINDOWS\system32\catroot2
2015-08-21 06:32:48 ----D---- C:\MRTVOLA
2015-08-21 03:30:58 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2015-08-21 03:30:57 ----RD---- C:\WINDOWS\DevicesFlow
2015-08-18 23:14:51 ----D---- C:\WINDOWS\ModemLogs
2015-08-17 14:12:32 ----A---- C:\AdwCleaner[S1].txt
2015-08-16 17:46:43 ----D---- C:\Program Files\Common Files\Apple
2015-08-12 06:57:57 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2015-08-12 06:57:56 ----D---- C:\WINDOWS\system32\drivers\cs-CZ
2015-08-12 06:57:56 ----D---- C:\WINDOWS\system32\cs-CZ
2015-08-11 22:44:49 ----D---- C:\WINDOWS\system32\MRT

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2015-07-10 83968]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-07-10 8192]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2015-07-10 48128]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2015-07-10 61952]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [2015-06-18 25816]
R3 MQAC;@mqutil.dll,-6101; C:\WINDOWS\system32\drivers\mqac.sys [2015-07-31 175104]
R3 MTsensor;@oem5.inf,%ASACPI.DisplayName%;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2005-03-29 8192]
R3 NVHDA;@oem10.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2015-02-20 197408]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2015-07-31 12896400]
R3 NVNET;@netnvm64.inf,%NVENETFD.Service.DispName%;NVIDIA nForce Ethernet Driver; C:\WINDOWS\System32\drivers\nvmf6264.sys [2015-07-10 344192]
R3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;Ovladač zvuků USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2015-07-10 131584]
R3 VIAHdAudAddService;@oem11.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;VIA High Definition Audio Driver Service; C:\WINDOWS\system32\drivers\viahduaa.sys [2015-07-31 701136]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-07-10 104800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-07-10 99168]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2015-07-10 58208]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2015-07-10 58720]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2015-07-10 40288]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-07-10 32256]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2015-07-10 116736]
S3 dg_ssudbus;@oem14.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2015-08-11 108800]
S3 fcvsc;fcvsc; C:\WINDOWS\System32\drivers\fcvsc.sys [2015-07-10 31232]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-07-10 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-07-10 50016]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2015-07-10 424800]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\WINDOWS\system32\drivers\ioqos.sys [2015-07-10 26624]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\WINDOWS\system32\drivers\mwac.sys [2015-06-18 64216]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-07-10 705376]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2015-07-10 76128]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2015-07-17 934752]
S3 ssudmdm;@oem22.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2015-08-11 206080]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension; C:\WINDOWS\System32\Drivers\UcmCx.sys [2015-07-10 61952]
S3 UcmUcsi;@ucmucsi.inf,%UcmUcsi.ServiceName%;USB Connector Manager UCSI Client; C:\WINDOWS\System32\drivers\UcmUcsi.sys [2015-07-14 46080]
S3 UdeCx;USB Device Emulation Support Library; C:\WINDOWS\system32\drivers\udecx.sys [2015-07-10 44032]
S3 Ufx01000;USB Function Class Extension; C:\WINDOWS\system32\drivers\ufx01000.sys [2015-07-10 245088]
S3 UfxChipidea;@ufxchipidea.inf,%UfxChipidea.ServiceName%;USB Chipidea Controller; C:\WINDOWS\System32\drivers\UfxChipidea.sys [2015-07-10 94048]
S3 ufxsynopsys;@ufxsynopsys.inf,%ufxsynopsys.ServiceName%;USB Synopsys Controller; C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2015-07-10 127840]
S3 UrsCx01000;USB Role-Switch Support Library; C:\WINDOWS\system32\drivers\urscx01000.sys [2015-07-10 57696]
S3 UrsChipidea;@urschipidea.inf,%UrsChipidea.ServiceName%;Chipidea USB Role-Switch Driver; C:\WINDOWS\System32\drivers\urschipidea.sys [2015-07-10 28512]
S3 UrsSynopsys;@urssynopsys.inf,%UrsSynopsys.ServiceName%;Synopsys USB Role-Switch Driver; C:\WINDOWS\System32\drivers\urssynopsys.sys [2015-07-10 27488]
S3 USBAAPL64;@oem2.inf,%USBAAPL64.SvcDesc%;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl64.sys [2015-06-10 54784]
S3 usbser;@usbser.inf,%UsbSerial.DriverDesc%;Sériový ovladač USB od společnosti Microsoft; C:\WINDOWS\System32\drivers\usbser.sys [2015-07-24 67072]
S3 vhf;@%SystemRoot%\system32\drivers\vhf.sys,-100; C:\WINDOWS\System32\drivers\vhf.sys [2015-07-10 31744]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-05-29 77128]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R2 MSMQ;@mqutil.dll,-6102; C:\WINDOWS\system32\mqsvc.exe [2015-07-31 26112]
R2 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8195; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-07-10 135848]
R2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8197; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-07-10 135848]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-06-29 932040]
R2 OneSyncSvc_Session2;Hostitel synchronizace_Session2; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-06-29 410952]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R2 UserManager;@%systemroot%\system32\usermgr.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2015-08-13 644880]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R3 PimIndexMaintenanceSvc_Session2;Data kontaktů_Session2; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R3 UnistoreSvc_Session2;Úložiště uživatelských dat_Session2; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R3 UserDataSvc_Session2;Přístup k uživatelským datům_Session2; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-06-18 1133880]
S2 NetTcpActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8199; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-07-10 135848]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12 269000]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-07-10 27136]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-06-17 43696]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-08-26 149160]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\lsass.exe [2015-07-10 56344]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2015-07-12 1031680]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 UnistoreSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 UserDataSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-14001; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 UsoSvc;@%systemroot%\system32\usocore.dll,-102; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S4 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-07-10 50352]

-----------------EOF-----------------

mordoch
Visitor
Posts: 6
Registered: 20 Oct 2013 17:19

Re: Please help with adware vermin + RSIT

#4 Post by mordoch »

Pls, and what next?

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please help with adware vermin + RSIT

#5 Post by vyosek »

Hello :)

Download Zoek.exe from http://hijackthis.nl/smeenk/ and save it to your desktop
  • If you use Win Vista or W7, right-click Zoek and choose Run As Administrator (Spustit jako správce)
  • Paste the script below into the window
  • Code:

    autoclean;
    resethosts;
    emptyclsid;
    IEdefaults;
    FFdefaults;
    CHRdefaults;
    emptyIEcache;
    emptyFFcache;
    emptyCHRcache;
    emptyalltemp;
    emptyflash;
    emptyjava;
    emptyrecycle.bin;
    
  • Then click Run Script
  • The PC will carry out the repair, restart, and give you a log; paste its contents here
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who avoids fun, take a whip and a stick to him: that is no man, that is an ox."
Member [image] since 1 February 2011.

mordoch
Visitor
Posts: 6
Registered: 20 Oct 2013 17:19

Re: Please help with adware vermin + RSIT

#6 Post by mordoch »

I have Win 10 .... does that matter?

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please help with adware vermin + RSIT

#7 Post by vyosek »

No, try running it and it should work...

mordoch
Visitor
Posts: 6
Registered: 20 Oct 2013 17:19

Re: Please help with adware vermin + RSIT

#8 Post by mordoch »

It worked


Zoek.exe v5.0.0.0 Updated 08-September-2015
Tool run by TOM DANKA on st 09.09.2015 at 9:57:19,28.
Microsoft Windows 10 Home 10.0.10240 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\TOM\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

9.9.2015 9:58:52 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\Seznam.cz deleted successfully
C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\Users\TOM\AppData\Local\Adobe deleted successfully
C:\Users\TOM\AppData\Local\Opera Software deleted successfully
C:\Users\TOM\AppData\Local\Unity deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\TOM\AppData\Roaming\Mozilla\Firefox\Profiles\xdg4xbec.default\prefs.js:
user_pref("browser.startup.homepage", "https://mail.radiounited.cz/webmail/log ... om/?_rdr=p");

Added to C:\Users\TOM\AppData\Roaming\Mozilla\Firefox\Profiles\xdg4xbec.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Deleting Files \ Folders ======================

C:\PROGRA~2\Seznam.cz not found
C:\Users\TOM\.android deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Users\TOM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\InetStat deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\TOM\AppData\Roaming\Mozilla\Firefox\Profiles\xdg4xbec.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

ProfilePath: C:\Users\TOM\AppData\Roaming\Mozilla\Firefox\Profiles\xdg4xbec.default
- Firefox Helper - %ProfilePath%\extensions\firefox@helper

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\TOM\AppData\Roaming\Mozilla\Firefox\Profiles\xdg4xbec.default
EC55112EDB2CE5BC2BFCACDB9C2150F4 - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll - Shockwave Flash


==== Deleted Firefox Extensions ======================

C:\Users\TOM\AppData\Roaming\Mozilla\Firefox\Profiles\xdg4xbec.default\extensions\firefox@helper deleted

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IESR02"

==== Reset Google Chrome ======================

Nothing found to reset

==== Deleting Registry Keys ======================

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\InetStat deleted successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\TOM\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\TOM\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\TOM\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\TOM\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

C:\Users\TOM\AppData\Local\Mozilla\Firefox\Profiles\xdg4xbec.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=9 folders=4 6237 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\TOM\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on st 09.09.2015 at 10:12:43,89 ======================

mordoch
Visitor
Posts: 6
Registered: 20 Oct 2013 17:19

Re: Please help with adware vermin + RSIT

#9 Post by mordoch »

All quiet so far :D

cernohous13
VIP in memoriam
Posts: 8721
Registered: 09 Dec 2006 06:19
Location: Jablonec nad Nisou

Re: Please help with adware vermin + RSIT

#10 Post by cernohous13 »

mordoch = mordoch2105 :?:

A duplicate account is a violation of this forum's rules :evil:
Ask the colleague to delete one of the accounts
Recommendations:
During the cleanup, install or uninstall software only on my instruction.
Study my reply thoroughly and carry out the whole procedure according to it.
If anything is unclear, ask - I will explain


Locked