Spontaneous wake-up from sleep mode

Rudy
Site Admin

Re: Spontaneous wake-up from sleep mode

#16 Post by Rudy »

Post a new RSIT log.

vorryy
Visitor

Re: Spontaneous wake-up from sleep mode

#17 Post by vorryy »

Logfile of random's system information tool 1.09 (written by random/random)
Run by Jirka at 2015-10-26 14:24:49
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 21 GB (26%) free of 81 GB
Total RAM: 3839 MB (69% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:24:54, on 26.10.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18057)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Users\Jirka\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\trend micro\Jirka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-21-3549304636-1526269185-1168838153-1092\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '_ocster_backup_')
O4 - HKUS\S-1-5-21-3549304636-1526269185-1168838153-1092\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '_ocster_backup_')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Ocster Backup (ocster_backup) - Unknown owner - c:\Program Files\Ocster Backup\bin\backupService-ox.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe
O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: Soluto Launcher Service (SolutoLauncherService) - Soluto - C:\Program Files\Soluto\SolutoLauncherService.exe
O23 - Service: Soluto Remote Service (SolutoRemoteService) - GlavSoft LLC. - C:\Program Files\Soluto\SolutoRemoteService.exe
O23 - Service: Soluto PCGenome Core Service (SolutoService) - Soluto - C:\Program Files\Soluto\SolutoService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files (x86)\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: Služba Windows Media Player Network Sharing (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8600 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"c:\program files\soluto\soluto.exe" /userinit
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe"
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
taskeng.exe {E08E4189-2A80-430E-9EDE-DEF2702CFA6E}
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Soluto\SolutoLauncherService.exe"
"C:\Program Files\Soluto\SolutoService.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"C:\Program Files (x86)\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\GWX\GWX.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files\Soluto\SolutoRemoteService.exe" -service
"C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe"
"C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesApp64.exe" /TUStart /pid:5528
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"c:\Program Files\Ocster Backup\bin\backupService-ox.exe" "--controlFolder=c:\ProgramData\Ocster Backup\control" "--id=ocster_backup" daemon
"c:\Program Files\Ocster Backup\bin\oxHelper.exe" watchDog backupDaemon 5384 "c:\Users\_OCSTE~1\AppData\Local\Temp\oxHelperParam-5384-1464af574196f87"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 3948
taskeng.exe {67D8FBDE-CAF4-44BD-BA66-FA499F20A1A2}
C:\Users\Jirka\AppData\Local\Google\Update\GoogleUpdate.exe /c
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"D:\instalační programy\bezpečnost\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3549304636-1526269185-1168838153-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3549304636-1526269185-1168838153-1000UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\476uddvl.default-1394147493619

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.google.com"
prefs.js - "keyword.URL" - "http://www.google.com/search?btnG=Google+Search&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 19.0.0.226 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.65.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.65.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 19.0.0.226 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.65.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.65.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_65\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll


C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\476uddvl.default-1394147493619\searchplugins\
google.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_65\bin\ssv.dll [2015-10-21 551520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-05 655480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-21 256456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-21 212576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-10-21 460384]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-05 559624]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-21 194504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-21 172640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-21 256456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-21 194504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Acronis Scheduler2 Service"=C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [2007-10-23 140568]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2015-10-25 8712960]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-09-16 8461224]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AntiLogger]
C:\Program Files (x86)\AntiLogger\AntiLogger.exe /minimized []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2015-09-16 8461224]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KeePass 2 PreLoad]
C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2015-08-09 2720144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lightshot]
C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [2014-11-18 226560]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ocster Backup]
C:\Program Files\Ocster Backup\bin\backupClient-ox.exe [2014-02-04 312664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Polar Sync]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDVCPL]
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2015-10-25 8712960]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-09-24 6134544]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
relog_ap

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2015-10-26 09:14:38 ----D---- C:\AdwCleaner
2015-10-25 20:47:24 ----A---- C:\Windows\system32\YamahaAE2.dll
2015-10-25 20:47:24 ----A---- C:\Windows\system32\YamahaAE.dll
2015-10-25 20:47:20 ----A---- C:\Windows\system32\WavesGUILib64.dll
2015-10-25 20:47:20 ----A---- C:\Windows\system32\tossaemaxapo64.dll
2015-10-25 20:47:20 ----A---- C:\Windows\system32\tossaeapo64.dll
2015-10-25 20:47:20 ----A---- C:\Windows\system32\toseaeapo64.dll
2015-10-25 20:47:20 ----A---- C:\Windows\system32\tosasfapo64.dll
2015-10-25 20:47:20 ----A---- C:\Windows\system32\tosade.dll
2015-10-25 20:47:19 ----A---- C:\Windows\system32\tepeqapo64.dll
2015-10-25 20:47:19 ----A---- C:\Windows\system32\tadefxapo264.dll
2015-10-25 20:47:19 ----A---- C:\Windows\system32\tadefxapo.dll
2015-10-25 20:47:19 ----A---- C:\Windows\system32\SRSWOW64.dll
2015-10-25 20:47:19 ----A---- C:\Windows\system32\SRSTSX64.dll
2015-10-25 20:47:19 ----A---- C:\Windows\system32\SRSTSH64.dll
2015-10-25 20:47:19 ----A---- C:\Windows\system32\SRSHP64.dll
2015-10-25 20:47:18 ----A---- C:\Windows\SYSWOW64\SRCOM.dll
2015-10-25 20:47:18 ----A---- C:\Windows\system32\SRRPTR64.dll
2015-10-25 20:47:18 ----A---- C:\Windows\system32\SRCOM64.dll
2015-10-25 20:47:18 ----A---- C:\Windows\system32\SRCOM.dll
2015-10-25 20:47:18 ----A---- C:\Windows\system32\SRAPO64.dll
2015-10-25 20:47:17 ----A---- C:\Windows\system32\sltech64.dll
2015-10-25 20:47:17 ----A---- C:\Windows\system32\slprp64.dll
2015-10-25 20:47:16 ----A---- C:\Windows\system32\slcnt64.dll
2015-10-25 20:47:15 ----A---- C:\Windows\SYSWOW64\SFCOM.dll
2015-10-25 20:47:15 ----A---- C:\Windows\system32\sl3apo64.dll
2015-10-25 20:47:15 ----A---- C:\Windows\system32\SFSS_APO.dll
2015-10-25 20:47:15 ----A---- C:\Windows\system32\SFNHK64.dll
2015-10-25 20:47:15 ----A---- C:\Windows\system32\SFCOM64.dll
2015-10-25 20:47:15 ----A---- C:\Windows\system32\SFAPO64.dll
2015-10-25 20:47:14 ----A---- C:\Windows\SYSWOW64\SECOMN32.DLL
2015-10-25 20:47:14 ----A---- C:\Windows\system32\SEHDRA64.dll
2015-10-25 20:47:14 ----A---- C:\Windows\system32\SECOMN64.dll
2015-10-25 20:47:14 ----A---- C:\Windows\system32\SEAPO64.dll
2015-10-25 20:47:12 ----A---- C:\Windows\system32\RtPgEx64.dll
2015-10-25 20:47:12 ----A---- C:\Windows\system32\RtlCPAPI64.dll
2015-10-25 20:47:10 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys
2015-10-25 20:47:08 ----A---- C:\Windows\system32\drivers\rtkSSTsetting.dat
2015-10-25 20:47:06 ----A---- C:\Windows\system32\RtkCoLDR64.dll
2015-10-25 20:47:06 ----A---- C:\Windows\system32\RtkCfg64.dll
2015-10-25 20:47:05 ----A---- C:\Windows\system32\RtkApi64.dll
2015-10-25 20:47:05 ----A---- C:\Windows\system32\RTEEP64A.dll
2015-10-25 20:47:05 ----A---- C:\Windows\system32\RTEEL64A.dll
2015-10-25 20:47:05 ----A---- C:\Windows\system32\RTEEG64A.dll
2015-10-25 20:47:05 ----A---- C:\Windows\system32\RTEED64A.dll
2015-10-25 20:47:05 ----A---- C:\Windows\system32\RtDataProc64.dll
2015-10-25 20:47:04 ----A---- C:\Windows\system32\RTCOM64.dll
2015-10-25 20:46:59 ----A---- C:\Windows\system32\RP3DHT64.dll
2015-10-25 20:46:59 ----A---- C:\Windows\system32\RP3DAA64.dll
2015-10-25 20:46:59 ----A---- C:\Windows\system32\RltkAPO64.dll
2015-10-25 20:46:59 ----A---- C:\Windows\system32\drivers\RTAIODAT.DAT
2015-10-25 20:46:58 ----A---- C:\Windows\SYSWOW64\RltkAPO.dll
2015-10-25 20:46:56 ----A---- C:\Windows\system32\RCoRes64.dat
2015-10-25 20:46:56 ----A---- C:\Windows\system32\RCoInstII64.dll
2015-10-25 20:46:49 ----A---- C:\Windows\system32\R4EEP64A.dll
2015-10-25 20:46:49 ----A---- C:\Windows\system32\R4EEL64A.dll
2015-10-25 20:46:49 ----A---- C:\Windows\system32\R4EEG64A.dll
2015-10-25 20:46:49 ----A---- C:\Windows\system32\R4EED64A.dll
2015-10-25 20:46:49 ----A---- C:\Windows\system32\R4EEA64A.dll
2015-10-25 20:46:49 ----A---- C:\Windows\system32\NAHIMICV2apo.dll
2015-10-25 20:46:49 ----A---- C:\Windows\system32\NahimicAPONSControl.dll
2015-10-25 20:46:49 ----A---- C:\Windows\system32\NAHIMICAPOlfx.dll
2015-10-25 20:46:49 ----A---- C:\Windows\system32\MISS_APO.dll
2015-10-25 20:46:48 ----A---- C:\Windows\system32\MaxxVolumeSDAPO.dll
2015-10-25 20:46:48 ----A---- C:\Windows\system32\MaxxVoiceAPO4064.dll
2015-10-25 20:46:48 ----A---- C:\Windows\system32\MaxxVoiceAPO3064.dll
2015-10-25 20:46:48 ----A---- C:\Windows\system32\MaxxVoiceAPO2064.dll
2015-10-25 20:46:48 ----A---- C:\Windows\system32\MaxxSpeechAPO64.dll
2015-10-25 20:46:47 ----A---- C:\Windows\system32\MaxxAudioRealtek64.dll
2015-10-25 20:46:47 ----A---- C:\Windows\system32\MaxxAudioEQ64.dll
2015-10-25 20:46:47 ----A---- C:\Windows\system32\MaxxAudioAPOShell64.dll
2015-10-25 20:46:47 ----A---- C:\Windows\system32\MaxxAudioAPO7064.dll
2015-10-25 20:46:47 ----A---- C:\Windows\system32\MaxxAudioAPO6064.dll
2015-10-25 20:46:47 ----A---- C:\Windows\system32\MaxxAudioAPO5064.dll
2015-10-25 20:46:47 ----A---- C:\Windows\system32\MaxxAudioAPO4064.dll
2015-10-25 20:46:47 ----A---- C:\Windows\system32\MaxxAudioAPO30.dll
2015-10-25 20:46:47 ----A---- C:\Windows\system32\MaxxAudioAPO20.dll
2015-10-25 20:46:47 ----A---- C:\Windows\system32\KAAPORT64.dll
2015-10-25 20:46:47 ----A---- C:\Windows\system32\IntelSstCApoPropPage.dll
2015-10-25 20:46:46 ----A---- C:\Windows\system32\IntelSSTAPO.dll
2015-10-25 20:46:46 ----A---- C:\Windows\system32\ICEsoundAPO64.dll
2015-10-25 20:46:46 ----A---- C:\Windows\system32\HiFiDAX2API.dll
2015-10-25 20:46:45 ----A---- C:\Windows\system32\FMAPO64.dll
2015-10-25 20:46:45 ----A---- C:\Windows\system32\DTSVoiceClarityDLL64.dll
2015-10-25 20:46:45 ----A---- C:\Windows\system32\DTSU2PREC64.dll
2015-10-25 20:46:45 ----A---- C:\Windows\system32\DTSU2PLFX64.dll
2015-10-25 20:46:45 ----A---- C:\Windows\system32\DTSU2PGFX64.dll
2015-10-25 20:46:45 ----A---- C:\Windows\system32\DTSSymmetryDLL64.dll
2015-10-25 20:46:45 ----A---- C:\Windows\system32\DTSS2SpeakerDLL64.dll
2015-10-25 20:46:45 ----A---- C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2015-10-25 20:46:45 ----A---- C:\Windows\system32\DTSNeoPCDLL64.dll
2015-10-25 20:46:45 ----A---- C:\Windows\system32\DTSLimiterDLL64.dll
2015-10-25 20:46:45 ----A---- C:\Windows\system32\DTSLFXAPO64.dll
2015-10-25 20:46:45 ----A---- C:\Windows\system32\DTSGFXAPONS64.dll
2015-10-25 20:46:45 ----A---- C:\Windows\system32\DTSGFXAPO64.dll
2015-10-25 20:46:45 ----A---- C:\Windows\system32\DTSGainCompensatorDLL64.dll
2015-10-25 20:46:45 ----A---- C:\Windows\system32\DTSBoostDLL64.dll
2015-10-25 20:46:45 ----A---- C:\Windows\system32\DTSBassEnhancementDLL64.dll
2015-10-25 20:46:45 ----A---- C:\Windows\system32\DolbyDAX2APOv211.dll
2015-10-25 20:46:45 ----A---- C:\Windows\system32\DolbyDAX2APOv201.dll
2015-10-25 20:46:45 ----A---- C:\Windows\system32\DolbyDAX2APOProp.dll
2015-10-25 20:46:45 ----A---- C:\Windows\system32\DDPP64AF3.dll
2015-10-25 20:46:45 ----A---- C:\Windows\system32\DDPP64A.dll
2015-10-25 20:46:45 ----A---- C:\Windows\system32\DDPO64AF3.dll
2015-10-25 20:46:45 ----A---- C:\Windows\system32\DDPO64A.dll
2015-10-25 20:46:45 ----A---- C:\Windows\system32\DDPD64AF3.dll
2015-10-25 20:46:45 ----A---- C:\Windows\system32\DDPD64A.dll
2015-10-25 20:46:45 ----A---- C:\Windows\system32\DDPA64F3.dll
2015-10-25 20:46:45 ----A---- C:\Windows\system32\DDPA64.dll
2015-10-25 20:46:45 ----A---- C:\Windows\system32\CX64APO.dll
2015-10-25 20:46:45 ----A---- C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2015-10-25 20:46:44 ----A---- C:\Windows\system32\audioLibVc.dll
2015-10-25 20:46:44 ----A---- C:\Windows\system32\AERTAR64.dll
2015-10-25 20:46:44 ----A---- C:\Windows\system32\AERTAC64.dll
2015-10-25 20:46:44 ----A---- C:\Windows\system32\AcpiServiceVnA64.dll
2015-10-25 15:30:02 ----D---- C:\rsit
2015-10-21 07:08:18 ----A---- C:\Windows\SYSWOW64\REN23F8.tmp
2015-10-21 07:06:52 ----A---- C:\Windows\SYSWOW64\REND3E6.tmp
2015-10-15 05:21:55 ----A---- C:\Windows\system32\appraiser.dll
2015-10-15 05:21:54 ----A---- C:\Windows\system32\invagent.dll
2015-10-15 05:21:54 ----A---- C:\Windows\system32\generaltel.dll
2015-10-15 05:21:54 ----A---- C:\Windows\system32\devinv.dll
2015-10-15 05:21:54 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-10-15 05:21:54 ----A---- C:\Windows\system32\aeinv.dll
2015-10-15 05:21:54 ----A---- C:\Windows\system32\acmigration.dll
2015-10-14 20:11:16 ----A---- C:\Windows\system32\aswBoot.exe
2015-10-14 05:51:48 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-10-14 05:51:48 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-10-14 05:51:48 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-10-14 05:51:48 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-10-14 05:51:48 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-10-14 05:51:47 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-10-14 05:51:47 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-10-14 05:51:47 ----A---- C:\Windows\SYSWOW64\occache.dll
2015-10-14 05:51:47 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-10-14 05:51:47 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-10-14 05:51:47 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-10-14 05:51:47 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-10-14 05:51:47 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-10-14 05:51:47 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-10-14 05:51:47 ----A---- C:\Windows\system32\iernonce.dll
2015-10-14 05:51:47 ----A---- C:\Windows\system32\ie4uinit.exe
2015-10-14 05:51:45 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-10-14 05:51:45 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-10-14 05:51:45 ----A---- C:\Windows\system32\urlmon.dll
2015-10-14 05:51:45 ----A---- C:\Windows\system32\occache.dll
2015-10-14 05:51:45 ----A---- C:\Windows\system32\iedkcs32.dll
2015-10-14 05:51:44 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-10-14 05:51:44 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-10-14 05:51:44 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-10-14 05:51:44 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-10-14 05:51:44 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-10-14 05:51:44 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-10-14 05:51:44 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-10-14 05:51:44 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-10-14 05:51:44 ----A---- C:\Windows\system32\msfeeds.dll
2015-10-14 05:51:44 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-10-14 05:51:44 ----A---- C:\Windows\system32\dxtrans.dll
2015-10-14 05:51:43 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-10-14 05:51:42 ----A---- C:\Windows\system32\iesetup.dll
2015-10-14 05:51:42 ----A---- C:\Windows\system32\ieapfltr.dll
2015-10-14 05:51:41 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2015-10-14 05:51:41 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-10-14 05:51:41 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-10-14 05:51:41 ----A---- C:\Windows\system32\vbscript.dll
2015-10-14 05:51:41 ----A---- C:\Windows\system32\iertutil.dll
2015-10-14 05:51:40 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-10-14 05:51:40 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-10-14 05:51:40 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-10-14 05:51:40 ----A---- C:\Windows\system32\jsproxy.dll
2015-10-14 05:51:39 ----A---- C:\Windows\system32\ieui.dll
2015-10-14 05:51:39 ----A---- C:\Windows\system32\ieframe.dll
2015-10-14 05:51:39 ----A---- C:\Windows\system32\dxtmsft.dll
2015-10-14 05:51:38 ----A---- C:\Windows\system32\webcheck.dll
2015-10-14 05:51:38 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-10-14 05:51:38 ----A---- C:\Windows\system32\mshtmled.dll
2015-10-14 05:51:38 ----A---- C:\Windows\system32\jscript9diag.dll
2015-10-14 05:51:38 ----A---- C:\Windows\system32\jscript.dll
2015-10-14 05:51:38 ----A---- C:\Windows\system32\ieUnatt.exe
2015-10-14 05:51:37 ----A---- C:\Windows\system32\wininet.dll
2015-10-14 05:51:37 ----A---- C:\Windows\system32\jscript9.dll
2015-10-14 05:51:35 ----A---- C:\Windows\system32\msrating.dll
2015-10-14 05:51:35 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-10-14 05:51:34 ----A---- C:\Windows\system32\mshtml.dll
2015-10-14 05:40:08 ----A---- C:\Windows\system32\shell32.dll
2015-10-14 05:40:07 ----A---- C:\Windows\system32\ExplorerFrame.dll
2015-10-14 05:40:06 ----A---- C:\Windows\SYSWOW64\shell32.dll
2015-10-14 05:40:05 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2015-10-14 05:37:31 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-10-14 05:37:31 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-10-14 05:37:31 ----A---- C:\Windows\system32\wuwebv.dll
2015-10-14 05:37:31 ----A---- C:\Windows\system32\wucltux.dll
2015-10-14 05:37:31 ----A---- C:\Windows\system32\wuaueng.dll
2015-10-14 05:37:31 ----A---- C:\Windows\system32\wuapi.dll
2015-10-14 05:37:30 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-10-14 05:37:30 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-10-14 05:37:30 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-10-14 05:37:30 ----A---- C:\Windows\system32\wups2.dll
2015-10-14 05:37:30 ----A---- C:\Windows\system32\wups.dll
2015-10-14 05:37:30 ----A---- C:\Windows\system32\wudriver.dll
2015-10-14 05:37:30 ----A---- C:\Windows\system32\wuauclt.exe
2015-10-14 05:37:30 ----A---- C:\Windows\system32\wuapp.exe
2015-10-14 05:37:30 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-10-14 05:37:30 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-10-14 05:37:12 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-10-14 05:37:11 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-10-14 05:37:10 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-10-14 05:37:08 ----A---- C:\Windows\system32\kernel32.dll
2015-10-14 05:37:07 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-10-14 05:37:07 ----A---- C:\Windows\system32\lsasrv.dll
2015-10-14 05:37:07 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-10-14 05:37:07 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-10-14 05:37:07 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-10-14 05:37:06 ----A---- C:\Windows\system32\wow64.dll
2015-10-14 05:37:06 ----A---- C:\Windows\system32\ntdll.dll
2015-10-14 05:37:06 ----A---- C:\Windows\system32\KernelBase.dll
2015-10-14 05:37:05 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-10-14 05:37:05 ----A---- C:\Windows\system32\winsrv.dll
2015-10-14 05:37:05 ----A---- C:\Windows\system32\srcore.dll
2015-10-14 05:37:05 ----A---- C:\Windows\system32\schannel.dll
2015-10-14 05:37:05 ----A---- C:\Windows\system32\rstrui.exe
2015-10-14 05:37:05 ----A---- C:\Windows\system32\rpcrt4.dll
2015-10-14 05:37:05 ----A---- C:\Windows\system32\kerberos.dll
2015-10-14 05:37:05 ----A---- C:\Windows\system32\conhost.exe
2015-10-14 05:37:04 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-10-14 05:37:04 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-10-14 05:37:04 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-10-14 05:37:04 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-10-14 05:37:04 ----A---- C:\Windows\system32\wdigest.dll
2015-10-14 05:37:04 ----A---- C:\Windows\system32\ncrypt.dll
2015-10-14 05:37:04 ----A---- C:\Windows\system32\msv1_0.dll
2015-10-14 05:37:03 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-10-14 05:37:03 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-10-14 05:37:03 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-10-14 05:37:03 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-10-14 05:37:03 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-10-14 05:37:03 ----A---- C:\Windows\system32\TSpkg.dll
2015-10-14 05:37:03 ----A---- C:\Windows\system32\sspicli.dll
2015-10-14 05:37:03 ----A---- C:\Windows\system32\srclient.dll
2015-10-14 05:37:03 ----A---- C:\Windows\system32\smss.exe
2015-10-14 05:37:03 ----A---- C:\Windows\system32\lsass.exe
2015-10-14 05:37:03 ----A---- C:\Windows\system32\auditpol.exe
2015-10-14 05:37:02 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-10-14 05:37:02 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2015-10-14 05:37:02 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-10-14 05:37:02 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2015-10-14 05:37:02 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-10-14 05:37:02 ----A---- C:\Windows\system32\wow64win.dll
2015-10-14 05:37:02 ----A---- C:\Windows\system32\wow64cpu.dll
2015-10-14 05:37:02 ----A---- C:\Windows\system32\sspisrv.dll
2015-10-14 05:37:02 ----A---- C:\Windows\system32\secur32.dll
2015-10-14 05:37:02 ----A---- C:\Windows\system32\ntvdm64.dll
2015-10-14 05:37:02 ----A---- C:\Windows\system32\csrsrv.dll
2015-10-14 05:37:02 ----A---- C:\Windows\system32\cryptbase.dll
2015-10-14 05:37:02 ----A---- C:\Windows\system32\credssp.dll
2015-10-14 05:37:01 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-10-14 05:37:01 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-10-14 05:37:01 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-10-14 05:37:00 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-10-14 05:37:00 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-10-14 05:37:00 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-14 05:37:00 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-14 05:37:00 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-10-14 05:37:00 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-14 05:37:00 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-10-14 05:37:00 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-14 05:37:00 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-10-14 05:37:00 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-10-14 05:37:00 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-14 05:37:00 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-14 05:37:00 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-10-14 05:37:00 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-10-14 05:36:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-10-14 05:36:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-14 05:36:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-10-14 05:36:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-14 05:36:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-14 05:36:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-14 05:36:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-10-14 05:36:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-14 05:36:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-10-14 05:36:59 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-10-14 05:36:59 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-10-14 05:36:59 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-14 05:36:59 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-10-14 05:36:59 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-14 05:36:59 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-14 05:36:59 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-14 05:36:59 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-10-14 05:36:59 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-10-14 05:36:59 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-14 05:36:59 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-14 05:36:59 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-10-14 05:36:59 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-14 05:36:59 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-10-14 05:36:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-10-14 05:36:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-10-14 05:36:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-10-14 05:36:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-10-14 05:36:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-10-14 05:36:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-14 05:36:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-10-14 05:36:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-10-14 05:36:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-10-14 05:36:58 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-10-14 05:36:58 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-10-14 05:36:58 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-14 05:36:58 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-10-14 05:36:58 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-14 05:36:58 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-10-14 05:36:58 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-10-14 05:36:58 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-10-14 05:36:58 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-10-14 05:36:58 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-10-14 05:36:58 ----A---- C:\Windows\system32\apisetschema.dll
2015-10-14 05:36:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-10-14 05:36:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-10-14 05:36:57 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-10-14 05:36:57 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-10-14 05:36:57 ----A---- C:\Windows\SYSWOW64\user.exe
2015-10-14 05:36:57 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-10-14 05:36:57 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-10-14 05:36:57 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-10-14 05:36:57 ----A---- C:\Windows\system32\msobjs.dll
2015-10-14 05:36:57 ----A---- C:\Windows\system32\msaudite.dll
2015-10-14 05:36:57 ----A---- C:\Windows\system32\adtschema.dll
2015-10-14 05:36:07 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2015-10-14 05:36:07 ----A---- C:\Windows\system32\setbcdlocale.dll
2015-10-14 05:36:07 ----A---- C:\Windows\system32\appidsvc.dll
2015-10-14 05:36:07 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2015-10-14 05:36:07 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2015-10-14 05:36:07 ----A---- C:\Windows\system32\appidapi.dll
2015-10-14 05:36:06 ----A---- C:\Windows\system32\drivers\appid.sys
2015-10-14 05:34:34 ----A---- C:\Windows\SYSWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-14 05:34:34 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 05:34:34 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 05:34:34 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 05:34:34 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-10-14 05:34:34 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2015-10-14 05:34:34 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-14 05:34:34 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2015-10-14 05:34:34 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2015-10-14 05:34:34 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2015-10-14 05:34:34 ----A---- C:\Windows\system32\ucrtbase.dll
2015-10-14 05:34:34 ----A---- C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-14 05:34:34 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 05:34:34 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 05:34:34 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 05:34:34 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 05:34:34 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 05:34:34 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-14 05:34:34 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-14 05:34:34 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-14 05:34:34 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-14 05:34:33 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 05:34:33 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 05:34:33 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 05:34:33 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 05:34:33 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2015-10-14 05:34:33 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 05:34:33 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 05:34:33 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 05:34:33 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-14 05:34:32 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2015-10-14 05:34:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 05:34:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 05:34:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 05:34:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 05:34:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 05:34:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 05:34:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 05:34:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 05:34:32 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 05:34:32 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 05:34:32 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 05:34:32 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 05:34:32 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 05:34:32 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 05:34:32 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 05:34:32 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-14 05:34:32 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll

======List of files/folders modified in the last 1 month======

2015-10-26 14:24:50 ----D---- C:\Program Files\trend micro
2015-10-26 09:27:05 ----D---- C:\Windows\System32
2015-10-26 09:27:05 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-10-26 09:27:04 ----D---- C:\Windows\inf
2015-10-26 09:24:40 ----D---- C:\Windows\Temp
2015-10-26 09:20:16 ----D---- C:\Windows\Tasks
2015-10-26 09:20:16 ----D---- C:\Windows\system32\Tasks
2015-10-26 08:01:47 ----D---- C:\Windows\system32\config
2015-10-25 23:36:45 ----D---- C:\Windows\system32\catroot2
2015-10-25 23:36:28 ----D---- C:\Windows\winsxs
2015-10-25 21:18:54 ----SHD---- C:\System Volume Information
2015-10-25 20:58:31 ----D---- C:\Windows
2015-10-25 20:55:53 ----D---- C:\Windows\system32\catroot
2015-10-25 20:53:15 ----D---- C:\Windows\system32\DriverStore
2015-10-25 20:50:42 ----D---- C:\Windows\system32\DAX2
2015-10-25 20:50:34 ----D---- C:\Windows\SysWOW64
2015-10-25 20:49:40 ----D---- C:\Windows\SYSWOW64\RTCOM
2015-10-25 20:49:38 ----D---- C:\Windows\system32\drivers
2015-10-25 20:35:08 ----D---- C:\ProgramData\ProductData
2015-10-25 20:21:38 ----D---- C:\Windows\registration
2015-10-25 18:16:51 ----D---- C:\Windows\Prefetch
2015-10-24 20:57:42 ----D---- C:\Config.Msi
2015-10-23 21:22:21 ----D---- C:\Users\Jirka\AppData\Roaming\uTorrent
2015-10-21 07:09:09 ----SHD---- C:\Windows\Installer
2015-10-21 07:09:08 ----D---- C:\Program Files\Java
2015-10-21 07:08:26 ----D---- C:\Program Files (x86)\Java
2015-10-21 06:59:41 ----A---- C:\Windows\system32\WindowsAccessBridge-64.dll
2015-10-20 15:36:57 ----D---- C:\Users\Jirka\AppData\Roaming\vlc
2015-10-18 18:49:15 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-10-17 23:18:39 ----D---- C:\Windows\Panther
2015-10-17 22:39:36 ----HD---- C:\$Windows.~BT
2015-10-16 02:04:21 ----SD---- C:\Windows\system32\CompatTel
2015-10-16 02:04:16 ----D---- C:\Windows\system32\appraiser
2015-10-16 02:04:14 ----D---- C:\Windows\AppPatch
2015-10-15 16:39:25 ----D---- C:\Windows\rescache
2015-10-15 05:03:51 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-10-15 05:03:51 ----D---- C:\Program Files\Internet Explorer
2015-10-15 05:03:50 ----D---- C:\Windows\SYSWOW64\en-US
2015-10-15 05:03:50 ----D---- C:\Windows\system32\cs-CZ
2015-10-15 05:03:49 ----D---- C:\Windows\system32\en-US
2015-10-15 05:03:48 ----D---- C:\Program Files (x86)\Internet Explorer
2015-10-15 05:03:40 ----D---- C:\Windows\system32\CodeIntegrity
2015-10-15 05:03:40 ----D---- C:\Windows\system32\Boot
2015-10-14 22:18:15 ----D---- C:\Windows\system32\MRT
2015-10-14 22:01:36 ----D---- C:\Windows\debug
2015-10-14 22:01:30 ----A---- C:\Windows\system32\MRT.exe
2015-10-14 22:01:06 ----D---- C:\ProgramData\Microsoft Help
2015-10-14 21:19:08 ----D---- C:\Users\Jirka\AppData\Roaming\KeePass
2015-10-12 05:21:07 ----SD---- C:\ProgramData\Microsoft
2015-10-10 17:40:40 ----D---- C:\Users\Jirka\AppData\Roaming\Skype
2015-10-09 02:32:39 ----SD---- C:\Windows\system32\GWX
2015-10-09 02:20:21 ----SD---- C:\Windows\SYSWOW64\GWX
2015-10-06 11:03:57 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-06 11:03:57 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-10-01 17:19:06 ----RD---- C:\Program Files (x86)

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdide64;amdide64; C:\Windows\system32\DRIVERS\amdide64.sys [2015-04-02 11944]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-09-24 65224]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-09-24 274808]
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-08-23 16440]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2012-01-27 229408]
R0 Soluto;Soluto; C:\Windows\system32\DRIVERS\Soluto.sys [2013-11-14 54728]
R0 tdrpman;Acronis Try&Decide and Restore Points filter; C:\Windows\system32\DRIVERS\tdrpman.sys [2012-01-27 593952]
R0 timounter;Acronis True Image Backup Archive Explorer; C:\Windows\system32\DRIVERS\timntr.sys [2012-01-27 711712]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-09-24 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-09-24 1049880]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-09-24 448968]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-03-07 283064]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2015-04-02 26528]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-09-24 28656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-09-24 90968]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-09-24 153744]
R2 irda;IrDA Protocol; C:\Windows\system32\DRIVERS\irda.sys [2009-07-14 120320]
R2 tifsfilter;Acronis True Image FS Filter; C:\Windows\system32\DRIVERS\tifsfilt.sys [2012-01-27 81952]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-11-18 11922944]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-11-18 359936]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2011-03-30 114704]
R3 cpuz136;cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2015-10-25 4613888]
R3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-23 261120]
R3 MosIrUsb;MosIrUsb.sys; C:\Windows\system32\DRIVERS\MosIrUsb.sys [2015-07-15 28160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-16 15416]
R3 netr28ux;RT2870 USB Extensible Wireless LAN Card Driver; C:\Windows\system32\DRIVERS\netr28ux.sys [2013-02-07 2201120]
R3 RDPDISPM;RDPDISPM; C:\Windows\system32\DRIVERS\rdpdispm.sys [2010-08-31 10752]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [2010-10-07 11856]
S2 EIO;EIO; \??\C:\Windows\system32\drivers\EIO64.sys [2006-06-14 15360]
S3 Avc;Zařízení AVC; C:\Windows\system32\DRIVERS\avc.sys [2009-07-14 48768]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 HTCAND64;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2015-09-21 113880]
S3 MSDV;Microsoft DV Camera and VCR; C:\Windows\system32\DRIVERS\msdv.sys [2009-07-14 61440]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-04-27 83080]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2014-04-14 181760]
S3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2012-01-27 82816]
S3 PROCEXP151;PROCEXP151; C:\Windows\system32\drivers\PROCEXP151.sys []
S3 PSI;PSI; C:\Windows\system32\DRIVERS\psi_mf_amd64.sys [2013-12-06 18456]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2015-04-24 977624]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S3 WinUsb;Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [2007-10-23 599320]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-11-18 238080]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-09-24 146600]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 SolutoLauncherService;Soluto Launcher Service; C:\Program Files\Soluto\SolutoLauncherService.exe [2013-11-14 182848]
R2 SolutoService;Soluto PCGenome Core Service; C:\Program Files\Soluto\SolutoService.exe [2013-11-14 856128]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2015-04-09 5261584]
R2 TryAndDecideService;Acronis Try And Decide Service; C:\Program Files (x86)\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe [2007-10-23 495832]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2010-11-23 1974080]
R2 UxTuneUp;TuneUp Theme Extension; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R3 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-06-27 365568]
R3 ocster_backup;Ocster Backup; c:\Program Files\Ocster Backup\bin\backupService-ox.exe [2014-02-04 23896]
R3 SolutoRemoteService;Soluto Remote Service; C:\Program Files\Soluto\SolutoRemoteService.exe [2013-11-14 1942016]
R3 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-18 269000]
S3 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-15 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-09-16 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-09-07 149160]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Secunia PSI Agent;Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [2013-12-06 1229528]
S3 Secunia Update Agent;Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [2013-12-06 662232]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-01-26 1255736]
S3 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE [2007-01-11 126464]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: spontaneous waking from sleep mode

#18 Post by Rudy »

Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left pane:
:files
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3549304636-1526269185-1168838153-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3549304636-1526269185-1168838153-1000UA.job
C:\Program Files (x86)\Google\Google Toolbar

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]/64

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. Before the scan, turn off your antivirus, and restart the PC afterwards. Post a new RSIT log.

vorryy
Visitor
Posts: 132
Registered: 22 Mar 2007 11:00

Re: spontaneous waking from sleep mode

#19 Post by vorryy »

Logfile of random's system information tool 1.09 (written by random/random)
Run by Jirka at 2015-10-26 17:33:05
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 22 GB (27%) free of 81 GB
Total RAM: 3839 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:33:13, on 26.10.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18057)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\trend micro\Jirka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Ocster Backup (ocster_backup) - Unknown owner - c:\Program Files\Ocster Backup\bin\backupService-ox.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe
O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: Soluto Launcher Service (SolutoLauncherService) - Soluto - C:\Program Files\Soluto\SolutoLauncherService.exe
O23 - Service: Soluto Remote Service (SolutoRemoteService) - GlavSoft LLC. - C:\Program Files\Soluto\SolutoRemoteService.exe
O23 - Service: Soluto PCGenome Core Service (SolutoService) - Soluto - C:\Program Files\Soluto\SolutoService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files (x86)\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: Služba Windows Media Player Network Sharing (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7900 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"c:\program files\soluto\soluto.exe" /userinit
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe"
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Skype\Updater\Updater.exe"
"C:\Program Files\Soluto\SolutoLauncherService.exe"
"C:\Program Files\Soluto\SolutoService.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"C:\Program Files (x86)\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\system32\GWX\GWX.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
taskeng.exe {F85F455F-894B-4924-8F2E-88323E5F8A33}
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\notepad.exe" C:\_OTM\MovedFiles\10262015_172807.log
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
taskeng.exe {1C4A2FA5-2347-4178-B625-D3E715799A72}
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"D:\instalační programy\bezpečnost\RSITx64.exe"
"C:\Program Files\Soluto\SolutoRemoteService.exe" -service

=========Mozilla firefox=========

ProfilePath - C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\476uddvl.default-1394147493619

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.google.com"
prefs.js - "keyword.URL" - "http://www.google.com/search?btnG=Google+Search&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 19.0.0.226 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.65.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.65.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 19.0.0.226 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.65.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.65.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_65\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll


C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\476uddvl.default-1394147493619\searchplugins\
google.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_65\bin\ssv.dll [2015-10-21 551520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-05 655480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-21 212576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-10-21 460384]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-05 559624]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-21 172640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Acronis Scheduler2 Service"=C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [2007-10-23 140568]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2015-10-25 8712960]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-09-16 8461224]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AntiLogger]
C:\Program Files (x86)\AntiLogger\AntiLogger.exe /minimized []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2015-09-16 8461224]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KeePass 2 PreLoad]
C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2015-08-09 2720144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lightshot]
C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [2014-11-18 226560]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ocster Backup]
C:\Program Files\Ocster Backup\bin\backupClient-ox.exe [2014-02-04 312664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Polar Sync]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDVCPL]
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2015-10-25 8712960]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-09-24 6134544]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
relog_ap

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2015-10-26 17:28:07 ----D---- C:\_OTM
2015-10-26 09:14:38 ----D---- C:\AdwCleaner
2015-10-25 20:47:24 ----A---- C:\Windows\system32\YamahaAE2.dll
2015-10-25 20:47:24 ----A---- C:\Windows\system32\YamahaAE.dll
2015-10-25 20:47:20 ----A---- C:\Windows\system32\WavesGUILib64.dll
2015-10-25 20:47:20 ----A---- C:\Windows\system32\tossaemaxapo64.dll
2015-10-25 20:47:20 ----A---- C:\Windows\system32\tossaeapo64.dll
2015-10-25 20:47:20 ----A---- C:\Windows\system32\toseaeapo64.dll
2015-10-25 20:47:20 ----A---- C:\Windows\system32\tosasfapo64.dll
2015-10-25 20:47:20 ----A---- C:\Windows\system32\tosade.dll
2015-10-25 20:47:19 ----A---- C:\Windows\system32\tepeqapo64.dll
2015-10-25 20:47:19 ----A---- C:\Windows\system32\tadefxapo264.dll
2015-10-25 20:47:19 ----A---- C:\Windows\system32\tadefxapo.dll
2015-10-25 20:47:19 ----A---- C:\Windows\system32\SRSWOW64.dll
2015-10-25 20:47:19 ----A---- C:\Windows\system32\SRSTSX64.dll
2015-10-25 20:47:19 ----A---- C:\Windows\system32\SRSTSH64.dll
2015-10-25 20:47:19 ----A---- C:\Windows\system32\SRSHP64.dll
2015-10-25 20:47:18 ----A---- C:\Windows\SYSWOW64\SRCOM.dll
2015-10-25 20:47:18 ----A---- C:\Windows\system32\SRRPTR64.dll
2015-10-25 20:47:18 ----A---- C:\Windows\system32\SRCOM64.dll
2015-10-25 20:47:18 ----A---- C:\Windows\system32\SRCOM.dll
2015-10-25 20:47:18 ----A---- C:\Windows\system32\SRAPO64.dll
2015-10-25 20:47:17 ----A---- C:\Windows\system32\sltech64.dll
2015-10-25 20:47:17 ----A---- C:\Windows\system32\slprp64.dll
2015-10-25 20:47:16 ----A---- C:\Windows\system32\slcnt64.dll
2015-10-25 20:47:15 ----A---- C:\Windows\SYSWOW64\SFCOM.dll
2015-10-25 20:47:15 ----A---- C:\Windows\system32\sl3apo64.dll
2015-10-25 20:47:15 ----A---- C:\Windows\system32\SFSS_APO.dll
2015-10-25 20:47:15 ----A---- C:\Windows\system32\SFNHK64.dll
2015-10-25 20:47:15 ----A---- C:\Windows\system32\SFCOM64.dll
2015-10-25 20:47:15 ----A---- C:\Windows\system32\SFAPO64.dll
2015-10-25 20:47:14 ----A---- C:\Windows\SYSWOW64\SECOMN32.DLL
2015-10-25 20:47:14 ----A---- C:\Windows\system32\SEHDRA64.dll
2015-10-25 20:47:14 ----A---- C:\Windows\system32\SECOMN64.dll
2015-10-25 20:47:14 ----A---- C:\Windows\system32\SEAPO64.dll
2015-10-25 20:47:12 ----A---- C:\Windows\system32\RtPgEx64.dll
2015-10-25 20:47:12 ----A---- C:\Windows\system32\RtlCPAPI64.dll
2015-10-25 20:47:10 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys
2015-10-25 20:47:08 ----A---- C:\Windows\system32\drivers\rtkSSTsetting.dat
2015-10-25 20:47:06 ----A---- C:\Windows\system32\RtkCoLDR64.dll
2015-10-25 20:47:06 ----A---- C:\Windows\system32\RtkCfg64.dll
2015-10-25 20:47:05 ----A---- C:\Windows\system32\RtkApi64.dll
2015-10-25 20:47:05 ----A---- C:\Windows\system32\RTEEP64A.dll
2015-10-25 20:47:05 ----A---- C:\Windows\system32\RTEEL64A.dll
2015-10-25 20:47:05 ----A---- C:\Windows\system32\RTEEG64A.dll
2015-10-25 20:47:05 ----A---- C:\Windows\system32\RTEED64A.dll
2015-10-25 20:47:05 ----A---- C:\Windows\system32\RtDataProc64.dll
2015-10-25 20:47:04 ----A---- C:\Windows\system32\RTCOM64.dll
2015-10-25 20:46:59 ----A---- C:\Windows\system32\RP3DHT64.dll
2015-10-25 20:46:59 ----A---- C:\Windows\system32\RP3DAA64.dll
2015-10-25 20:46:59 ----A---- C:\Windows\system32\RltkAPO64.dll
2015-10-25 20:46:59 ----A---- C:\Windows\system32\drivers\RTAIODAT.DAT
2015-10-25 20:46:58 ----A---- C:\Windows\SYSWOW64\RltkAPO.dll
2015-10-25 20:46:56 ----A---- C:\Windows\system32\RCoRes64.dat
2015-10-25 20:46:56 ----A---- C:\Windows\system32\RCoInstII64.dll
2015-10-25 20:46:49 ----A---- C:\Windows\system32\R4EEP64A.dll
2015-10-25 20:46:49 ----A---- C:\Windows\system32\R4EEL64A.dll
2015-10-25 20:46:49 ----A---- C:\Windows\system32\R4EEG64A.dll
2015-10-25 20:46:49 ----A---- C:\Windows\system32\R4EED64A.dll
2015-10-25 20:46:49 ----A---- C:\Windows\system32\R4EEA64A.dll
2015-10-25 20:46:49 ----A---- C:\Windows\system32\NAHIMICV2apo.dll
2015-10-25 20:46:49 ----A---- C:\Windows\system32\NahimicAPONSControl.dll
2015-10-25 20:46:49 ----A---- C:\Windows\system32\NAHIMICAPOlfx.dll
2015-10-25 20:46:49 ----A---- C:\Windows\system32\MISS_APO.dll
2015-10-25 20:46:48 ----A---- C:\Windows\system32\MaxxVolumeSDAPO.dll
2015-10-25 20:46:48 ----A---- C:\Windows\system32\MaxxVoiceAPO4064.dll
2015-10-25 20:46:48 ----A---- C:\Windows\system32\MaxxVoiceAPO3064.dll
2015-10-25 20:46:48 ----A---- C:\Windows\system32\MaxxVoiceAPO2064.dll
2015-10-25 20:46:48 ----A---- C:\Windows\system32\MaxxSpeechAPO64.dll
2015-10-25 20:46:47 ----A---- C:\Windows\system32\MaxxAudioRealtek64.dll
2015-10-25 20:46:47 ----A---- C:\Windows\system32\MaxxAudioEQ64.dll
2015-10-25 20:46:47 ----A---- C:\Windows\system32\MaxxAudioAPOShell64.dll
2015-10-25 20:46:47 ----A---- C:\Windows\system32\MaxxAudioAPO7064.dll
2015-10-25 20:46:47 ----A---- C:\Windows\system32\MaxxAudioAPO6064.dll
2015-10-25 20:46:47 ----A---- C:\Windows\system32\MaxxAudioAPO5064.dll
2015-10-25 20:46:47 ----A---- C:\Windows\system32\MaxxAudioAPO4064.dll
2015-10-25 20:46:47 ----A---- C:\Windows\system32\MaxxAudioAPO30.dll
2015-10-25 20:46:47 ----A---- C:\Windows\system32\MaxxAudioAPO20.dll
2015-10-25 20:46:47 ----A---- C:\Windows\system32\KAAPORT64.dll
2015-10-25 20:46:47 ----A---- C:\Windows\system32\IntelSstCApoPropPage.dll
2015-10-25 20:46:46 ----A---- C:\Windows\system32\IntelSSTAPO.dll
2015-10-25 20:46:46 ----A---- C:\Windows\system32\ICEsoundAPO64.dll
2015-10-25 20:46:46 ----A---- C:\Windows\system32\HiFiDAX2API.dll
2015-10-25 20:46:45 ----A---- C:\Windows\system32\FMAPO64.dll
2015-10-25 20:46:45 ----A---- C:\Windows\system32\DTSVoiceClarityDLL64.dll
2015-10-25 20:46:45 ----A---- C:\Windows\system32\DTSU2PREC64.dll
2015-10-25 20:46:45 ----A---- C:\Windows\system32\DTSU2PLFX64.dll
2015-10-25 20:46:45 ----A---- C:\Windows\system32\DTSU2PGFX64.dll
2015-10-25 20:46:45 ----A---- C:\Windows\system32\DTSSymmetryDLL64.dll
2015-10-25 20:46:45 ----A---- C:\Windows\system32\DTSS2SpeakerDLL64.dll
2015-10-25 20:46:45 ----A---- C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2015-10-25 20:46:45 ----A---- C:\Windows\system32\DTSNeoPCDLL64.dll
2015-10-25 20:46:45 ----A---- C:\Windows\system32\DTSLimiterDLL64.dll
2015-10-25 20:46:45 ----A---- C:\Windows\system32\DTSLFXAPO64.dll
2015-10-25 20:46:45 ----A---- C:\Windows\system32\DTSGFXAPONS64.dll
2015-10-25 20:46:45 ----A---- C:\Windows\system32\DTSGFXAPO64.dll
2015-10-25 20:46:45 ----A---- C:\Windows\system32\DTSGainCompensatorDLL64.dll
2015-10-25 20:46:45 ----A---- C:\Windows\system32\DTSBoostDLL64.dll
2015-10-25 20:46:45 ----A---- C:\Windows\system32\DTSBassEnhancementDLL64.dll
2015-10-25 20:46:45 ----A---- C:\Windows\system32\DolbyDAX2APOv211.dll
2015-10-25 20:46:45 ----A---- C:\Windows\system32\DolbyDAX2APOv201.dll
2015-10-25 20:46:45 ----A---- C:\Windows\system32\DolbyDAX2APOProp.dll
2015-10-25 20:46:45 ----A---- C:\Windows\system32\DDPP64AF3.dll
2015-10-25 20:46:45 ----A---- C:\Windows\system32\DDPP64A.dll
2015-10-25 20:46:45 ----A---- C:\Windows\system32\DDPO64AF3.dll
2015-10-25 20:46:45 ----A---- C:\Windows\system32\DDPO64A.dll
2015-10-25 20:46:45 ----A---- C:\Windows\system32\DDPD64AF3.dll
2015-10-25 20:46:45 ----A---- C:\Windows\system32\DDPD64A.dll
2015-10-25 20:46:45 ----A---- C:\Windows\system32\DDPA64F3.dll
2015-10-25 20:46:45 ----A---- C:\Windows\system32\DDPA64.dll
2015-10-25 20:46:45 ----A---- C:\Windows\system32\CX64APO.dll
2015-10-25 20:46:45 ----A---- C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2015-10-25 20:46:44 ----A---- C:\Windows\system32\audioLibVc.dll
2015-10-25 20:46:44 ----A---- C:\Windows\system32\AERTAR64.dll
2015-10-25 20:46:44 ----A---- C:\Windows\system32\AERTAC64.dll
2015-10-25 20:46:44 ----A---- C:\Windows\system32\AcpiServiceVnA64.dll
2015-10-25 15:30:02 ----D---- C:\rsit
2015-10-15 05:21:55 ----A---- C:\Windows\system32\appraiser.dll
2015-10-15 05:21:54 ----A---- C:\Windows\system32\invagent.dll
2015-10-15 05:21:54 ----A---- C:\Windows\system32\generaltel.dll
2015-10-15 05:21:54 ----A---- C:\Windows\system32\devinv.dll
2015-10-15 05:21:54 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-10-15 05:21:54 ----A---- C:\Windows\system32\aeinv.dll
2015-10-15 05:21:54 ----A---- C:\Windows\system32\acmigration.dll
2015-10-14 20:11:16 ----A---- C:\Windows\system32\aswBoot.exe
2015-10-14 05:51:48 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-10-14 05:51:48 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-10-14 05:51:48 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-10-14 05:51:48 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-10-14 05:51:48 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-10-14 05:51:47 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-10-14 05:51:47 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-10-14 05:51:47 ----A---- C:\Windows\SYSWOW64\occache.dll
2015-10-14 05:51:47 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-10-14 05:51:47 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-10-14 05:51:47 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-10-14 05:51:47 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-10-14 05:51:47 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-10-14 05:51:47 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-10-14 05:51:47 ----A---- C:\Windows\system32\iernonce.dll
2015-10-14 05:51:47 ----A---- C:\Windows\system32\ie4uinit.exe
2015-10-14 05:51:45 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-10-14 05:51:45 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-10-14 05:51:45 ----A---- C:\Windows\system32\urlmon.dll
2015-10-14 05:51:45 ----A---- C:\Windows\system32\occache.dll
2015-10-14 05:51:45 ----A---- C:\Windows\system32\iedkcs32.dll
2015-10-14 05:51:44 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-10-14 05:51:44 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-10-14 05:51:44 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-10-14 05:51:44 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-10-14 05:51:44 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-10-14 05:51:44 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-10-14 05:51:44 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-10-14 05:51:44 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-10-14 05:51:44 ----A---- C:\Windows\system32\msfeeds.dll
2015-10-14 05:51:44 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-10-14 05:51:44 ----A---- C:\Windows\system32\dxtrans.dll
2015-10-14 05:51:43 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-10-14 05:51:42 ----A---- C:\Windows\system32\iesetup.dll
2015-10-14 05:51:42 ----A---- C:\Windows\system32\ieapfltr.dll
2015-10-14 05:51:41 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2015-10-14 05:51:41 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-10-14 05:51:41 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-10-14 05:51:41 ----A---- C:\Windows\system32\vbscript.dll
2015-10-14 05:51:41 ----A---- C:\Windows\system32\iertutil.dll
2015-10-14 05:51:40 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-10-14 05:51:40 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-10-14 05:51:40 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-10-14 05:51:40 ----A---- C:\Windows\system32\jsproxy.dll
2015-10-14 05:51:39 ----A---- C:\Windows\system32\ieui.dll
2015-10-14 05:51:39 ----A---- C:\Windows\system32\ieframe.dll
2015-10-14 05:51:39 ----A---- C:\Windows\system32\dxtmsft.dll
2015-10-14 05:51:38 ----A---- C:\Windows\system32\webcheck.dll
2015-10-14 05:51:38 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-10-14 05:51:38 ----A---- C:\Windows\system32\mshtmled.dll
2015-10-14 05:51:38 ----A---- C:\Windows\system32\jscript9diag.dll
2015-10-14 05:51:38 ----A---- C:\Windows\system32\jscript.dll
2015-10-14 05:51:38 ----A---- C:\Windows\system32\ieUnatt.exe
2015-10-14 05:51:37 ----A---- C:\Windows\system32\wininet.dll
2015-10-14 05:51:37 ----A---- C:\Windows\system32\jscript9.dll
2015-10-14 05:51:35 ----A---- C:\Windows\system32\msrating.dll
2015-10-14 05:51:35 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-10-14 05:51:34 ----A---- C:\Windows\system32\mshtml.dll
2015-10-14 05:40:08 ----A---- C:\Windows\system32\shell32.dll
2015-10-14 05:40:07 ----A---- C:\Windows\system32\ExplorerFrame.dll
2015-10-14 05:40:06 ----A---- C:\Windows\SYSWOW64\shell32.dll
2015-10-14 05:40:05 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2015-10-14 05:37:31 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-10-14 05:37:31 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-10-14 05:37:31 ----A---- C:\Windows\system32\wuwebv.dll
2015-10-14 05:37:31 ----A---- C:\Windows\system32\wucltux.dll
2015-10-14 05:37:31 ----A---- C:\Windows\system32\wuaueng.dll
2015-10-14 05:37:31 ----A---- C:\Windows\system32\wuapi.dll
2015-10-14 05:37:30 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-10-14 05:37:30 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-10-14 05:37:30 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-10-14 05:37:30 ----A---- C:\Windows\system32\wups2.dll
2015-10-14 05:37:30 ----A---- C:\Windows\system32\wups.dll
2015-10-14 05:37:30 ----A---- C:\Windows\system32\wudriver.dll
2015-10-14 05:37:30 ----A---- C:\Windows\system32\wuauclt.exe
2015-10-14 05:37:30 ----A---- C:\Windows\system32\wuapp.exe
2015-10-14 05:37:30 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-10-14 05:37:30 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-10-14 05:37:12 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-10-14 05:37:11 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-10-14 05:37:10 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-10-14 05:37:08 ----A---- C:\Windows\system32\kernel32.dll
2015-10-14 05:37:07 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-10-14 05:37:07 ----A---- C:\Windows\system32\lsasrv.dll
2015-10-14 05:37:07 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-10-14 05:37:07 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-10-14 05:37:07 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-10-14 05:37:06 ----A---- C:\Windows\system32\wow64.dll
2015-10-14 05:37:06 ----A---- C:\Windows\system32\ntdll.dll
2015-10-14 05:37:06 ----A---- C:\Windows\system32\KernelBase.dll
2015-10-14 05:37:05 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-10-14 05:37:05 ----A---- C:\Windows\system32\winsrv.dll
2015-10-14 05:37:05 ----A---- C:\Windows\system32\srcore.dll
2015-10-14 05:37:05 ----A---- C:\Windows\system32\schannel.dll
2015-10-14 05:37:05 ----A---- C:\Windows\system32\rstrui.exe
2015-10-14 05:37:05 ----A---- C:\Windows\system32\rpcrt4.dll
2015-10-14 05:37:05 ----A---- C:\Windows\system32\kerberos.dll
2015-10-14 05:37:05 ----A---- C:\Windows\system32\conhost.exe
2015-10-14 05:37:04 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-10-14 05:37:04 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-10-14 05:37:04 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-10-14 05:37:04 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-10-14 05:37:04 ----A---- C:\Windows\system32\wdigest.dll
2015-10-14 05:37:04 ----A---- C:\Windows\system32\ncrypt.dll
2015-10-14 05:37:04 ----A---- C:\Windows\system32\msv1_0.dll
2015-10-14 05:37:03 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-10-14 05:37:03 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-10-14 05:37:03 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-10-14 05:37:03 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-10-14 05:37:03 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-10-14 05:37:03 ----A---- C:\Windows\system32\TSpkg.dll
2015-10-14 05:37:03 ----A---- C:\Windows\system32\sspicli.dll
2015-10-14 05:37:03 ----A---- C:\Windows\system32\srclient.dll
2015-10-14 05:37:03 ----A---- C:\Windows\system32\smss.exe
2015-10-14 05:37:03 ----A---- C:\Windows\system32\lsass.exe
2015-10-14 05:37:03 ----A---- C:\Windows\system32\auditpol.exe
2015-10-14 05:37:02 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-10-14 05:37:02 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2015-10-14 05:37:02 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-10-14 05:37:02 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2015-10-14 05:37:02 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-10-14 05:37:02 ----A---- C:\Windows\system32\wow64win.dll
2015-10-14 05:37:02 ----A---- C:\Windows\system32\wow64cpu.dll
2015-10-14 05:37:02 ----A---- C:\Windows\system32\sspisrv.dll
2015-10-14 05:37:02 ----A---- C:\Windows\system32\secur32.dll
2015-10-14 05:37:02 ----A---- C:\Windows\system32\ntvdm64.dll
2015-10-14 05:37:02 ----A---- C:\Windows\system32\csrsrv.dll
2015-10-14 05:37:02 ----A---- C:\Windows\system32\cryptbase.dll
2015-10-14 05:37:02 ----A---- C:\Windows\system32\credssp.dll
2015-10-14 05:37:01 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-10-14 05:37:01 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-10-14 05:37:01 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-10-14 05:37:00 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-10-14 05:37:00 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-10-14 05:37:00 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-14 05:37:00 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-14 05:37:00 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-10-14 05:37:00 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-14 05:37:00 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-10-14 05:37:00 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-14 05:37:00 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-10-14 05:37:00 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-10-14 05:37:00 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-14 05:37:00 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-14 05:37:00 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-10-14 05:37:00 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-10-14 05:36:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-10-14 05:36:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-14 05:36:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-10-14 05:36:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-14 05:36:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-14 05:36:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-14 05:36:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-10-14 05:36:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-14 05:36:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-10-14 05:36:59 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-10-14 05:36:59 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-10-14 05:36:59 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-14 05:36:59 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-10-14 05:36:59 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-14 05:36:59 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-14 05:36:59 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-14 05:36:59 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-10-14 05:36:59 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-10-14 05:36:59 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-14 05:36:59 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-14 05:36:59 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-10-14 05:36:59 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-14 05:36:59 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-10-14 05:36:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-10-14 05:36:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-10-14 05:36:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-10-14 05:36:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-10-14 05:36:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-10-14 05:36:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-14 05:36:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-10-14 05:36:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-10-14 05:36:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-10-14 05:36:58 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-10-14 05:36:58 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-10-14 05:36:58 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-14 05:36:58 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-10-14 05:36:58 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-14 05:36:58 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-10-14 05:36:58 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-10-14 05:36:58 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-10-14 05:36:58 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-10-14 05:36:58 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-10-14 05:36:58 ----A---- C:\Windows\system32\apisetschema.dll
2015-10-14 05:36:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-10-14 05:36:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-10-14 05:36:57 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-10-14 05:36:57 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-10-14 05:36:57 ----A---- C:\Windows\SYSWOW64\user.exe
2015-10-14 05:36:57 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-10-14 05:36:57 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-10-14 05:36:57 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-10-14 05:36:57 ----A---- C:\Windows\system32\msobjs.dll
2015-10-14 05:36:57 ----A---- C:\Windows\system32\msaudite.dll
2015-10-14 05:36:57 ----A---- C:\Windows\system32\adtschema.dll
2015-10-14 05:36:07 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2015-10-14 05:36:07 ----A---- C:\Windows\system32\setbcdlocale.dll
2015-10-14 05:36:07 ----A---- C:\Windows\system32\appidsvc.dll
2015-10-14 05:36:07 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2015-10-14 05:36:07 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2015-10-14 05:36:07 ----A---- C:\Windows\system32\appidapi.dll
2015-10-14 05:36:06 ----A---- C:\Windows\system32\drivers\appid.sys
2015-10-14 05:34:34 ----A---- C:\Windows\SYSWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-14 05:34:34 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 05:34:34 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 05:34:34 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 05:34:34 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-10-14 05:34:34 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2015-10-14 05:34:34 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-14 05:34:34 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2015-10-14 05:34:34 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2015-10-14 05:34:34 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2015-10-14 05:34:34 ----A---- C:\Windows\system32\ucrtbase.dll
2015-10-14 05:34:34 ----A---- C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-14 05:34:34 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 05:34:34 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 05:34:34 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 05:34:34 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 05:34:34 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 05:34:34 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-14 05:34:34 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-14 05:34:34 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-14 05:34:34 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-14 05:34:33 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 05:34:33 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 05:34:33 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 05:34:33 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 05:34:33 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2015-10-14 05:34:33 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 05:34:33 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 05:34:33 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 05:34:33 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-14 05:34:32 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2015-10-14 05:34:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 05:34:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 05:34:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 05:34:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 05:34:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 05:34:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 05:34:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 05:34:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 05:34:32 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 05:34:32 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 05:34:32 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 05:34:32 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 05:34:32 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 05:34:32 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 05:34:32 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 05:34:32 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-14 05:34:32 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll

======List of files/folders modified in the last 1 month======

2015-10-26 17:33:10 ----D---- C:\Program Files\trend micro
2015-10-26 17:33:08 ----D---- C:\Windows\Temp
2015-10-26 17:29:49 ----D---- C:\Windows\system32\config
2015-10-26 17:28:58 ----D---- C:\Windows\SysWOW64
2015-10-26 17:28:09 ----D---- C:\Windows\Tasks
2015-10-26 17:28:09 ----D---- C:\Program Files (x86)\Google
2015-10-26 09:27:05 ----D---- C:\Windows\System32
2015-10-26 09:27:05 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-10-26 09:27:04 ----D---- C:\Windows\inf
2015-10-26 09:20:16 ----D---- C:\Windows\system32\Tasks
2015-10-25 23:36:45 ----D---- C:\Windows\system32\catroot2
2015-10-25 23:36:28 ----D---- C:\Windows\winsxs
2015-10-25 21:18:54 ----SHD---- C:\System Volume Information
2015-10-25 20:58:31 ----D---- C:\Windows
2015-10-25 20:55:53 ----D---- C:\Windows\system32\catroot
2015-10-25 20:53:15 ----D---- C:\Windows\system32\DriverStore
2015-10-25 20:50:42 ----D---- C:\Windows\system32\DAX2
2015-10-25 20:49:40 ----D---- C:\Windows\SYSWOW64\RTCOM
2015-10-25 20:49:38 ----D---- C:\Windows\system32\drivers
2015-10-25 20:35:08 ----D---- C:\ProgramData\ProductData
2015-10-25 20:21:38 ----D---- C:\Windows\registration
2015-10-25 18:16:51 ----D---- C:\Windows\Prefetch
2015-10-24 20:57:42 ----D---- C:\Config.Msi
2015-10-23 21:22:21 ----D---- C:\Users\Jirka\AppData\Roaming\uTorrent
2015-10-21 07:09:09 ----SHD---- C:\Windows\Installer
2015-10-21 07:09:08 ----D---- C:\Program Files\Java
2015-10-21 07:08:26 ----D---- C:\Program Files (x86)\Java
2015-10-21 06:59:41 ----A---- C:\Windows\system32\WindowsAccessBridge-64.dll
2015-10-20 15:36:57 ----D---- C:\Users\Jirka\AppData\Roaming\vlc
2015-10-18 18:49:15 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-10-17 23:18:39 ----D---- C:\Windows\Panther
2015-10-17 22:39:36 ----HD---- C:\$Windows.~BT
2015-10-16 02:04:21 ----SD---- C:\Windows\system32\CompatTel
2015-10-16 02:04:16 ----D---- C:\Windows\system32\appraiser
2015-10-16 02:04:14 ----D---- C:\Windows\AppPatch
2015-10-15 16:39:25 ----D---- C:\Windows\rescache
2015-10-15 05:03:51 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-10-15 05:03:51 ----D---- C:\Program Files\Internet Explorer
2015-10-15 05:03:50 ----D---- C:\Windows\SYSWOW64\en-US
2015-10-15 05:03:50 ----D---- C:\Windows\system32\cs-CZ
2015-10-15 05:03:49 ----D---- C:\Windows\system32\en-US
2015-10-15 05:03:48 ----D---- C:\Program Files (x86)\Internet Explorer
2015-10-15 05:03:40 ----D---- C:\Windows\system32\CodeIntegrity
2015-10-15 05:03:40 ----D---- C:\Windows\system32\Boot
2015-10-14 22:18:15 ----D---- C:\Windows\system32\MRT
2015-10-14 22:01:36 ----D---- C:\Windows\debug
2015-10-14 22:01:30 ----A---- C:\Windows\system32\MRT.exe
2015-10-14 22:01:06 ----D---- C:\ProgramData\Microsoft Help
2015-10-14 21:19:08 ----D---- C:\Users\Jirka\AppData\Roaming\KeePass
2015-10-12 05:21:07 ----SD---- C:\ProgramData\Microsoft
2015-10-10 17:40:40 ----D---- C:\Users\Jirka\AppData\Roaming\Skype
2015-10-09 02:32:39 ----SD---- C:\Windows\system32\GWX
2015-10-09 02:20:21 ----SD---- C:\Windows\SYSWOW64\GWX
2015-10-06 11:03:57 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-06 11:03:57 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-10-01 17:19:06 ----RD---- C:\Program Files (x86)

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdide64;amdide64; C:\Windows\system32\DRIVERS\amdide64.sys [2015-04-02 11944]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-09-24 65224]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-09-24 274808]
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-08-23 16440]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2012-01-27 229408]
R0 Soluto;Soluto; C:\Windows\system32\DRIVERS\Soluto.sys [2013-11-14 54728]
R0 tdrpman;Acronis Try&Decide and Restore Points filter; C:\Windows\system32\DRIVERS\tdrpman.sys [2012-01-27 593952]
R0 timounter;Acronis True Image Backup Archive Explorer; C:\Windows\system32\DRIVERS\timntr.sys [2012-01-27 711712]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-09-24 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-09-24 1049880]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-09-24 448968]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-03-07 283064]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2015-04-02 26528]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-09-24 28656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-09-24 90968]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-09-24 153744]
R2 irda;IrDA Protocol; C:\Windows\system32\DRIVERS\irda.sys [2009-07-14 120320]
R2 tifsfilter;Acronis True Image FS Filter; C:\Windows\system32\DRIVERS\tifsfilt.sys [2012-01-27 81952]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-11-18 11922944]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-11-18 359936]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2011-03-30 114704]
R3 cpuz136;cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2015-10-25 4613888]
R3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-23 261120]
R3 MosIrUsb;MosIrUsb.sys; C:\Windows\system32\DRIVERS\MosIrUsb.sys [2015-07-15 28160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-16 15416]
R3 netr28ux;RT2870 USB Extensible Wireless LAN Card Driver; C:\Windows\system32\DRIVERS\netr28ux.sys [2013-02-07 2201120]
R3 RDPDISPM;RDPDISPM; C:\Windows\system32\DRIVERS\rdpdispm.sys [2010-08-31 10752]
S2 EIO;EIO; \??\C:\Windows\system32\drivers\EIO64.sys [2006-06-14 15360]
S3 Avc;Zařízení AVC; C:\Windows\system32\DRIVERS\avc.sys [2009-07-14 48768]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 HTCAND64;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2015-09-21 113880]
S3 MSDV;Microsoft DV Camera and VCR; C:\Windows\system32\DRIVERS\msdv.sys [2009-07-14 61440]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-04-27 83080]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2014-04-14 181760]
S3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2012-01-27 82816]
S3 PROCEXP151;PROCEXP151; C:\Windows\system32\drivers\PROCEXP151.sys []
S3 PSI;PSI; C:\Windows\system32\DRIVERS\psi_mf_amd64.sys [2013-12-06 18456]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2015-04-24 977624]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [2010-10-07 11856]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S3 WinUsb;Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [2007-10-23 599320]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-11-18 238080]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-09-24 146600]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
R2 SolutoLauncherService;Soluto Launcher Service; C:\Program Files\Soluto\SolutoLauncherService.exe [2013-11-14 182848]
R2 SolutoService;Soluto PCGenome Core Service; C:\Program Files\Soluto\SolutoService.exe [2013-11-14 856128]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2015-04-09 5261584]
R2 TryAndDecideService;Acronis Try And Decide Service; C:\Program Files (x86)\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe [2007-10-23 495832]
R2 UxTuneUp;TuneUp Theme Extension; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R3 SolutoRemoteService;Soluto Remote Service; C:\Program Files\Soluto\SolutoRemoteService.exe [2013-11-14 1942016]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2010-11-23 1974080]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-18 269000]
S3 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-06-27 365568]
S3 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-15 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-09-16 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-09-07 149160]
S3 ocster_backup;Ocster Backup; c:\Program Files\Ocster Backup\bin\backupService-ox.exe [2014-02-04 23896]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Secunia PSI Agent;Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [2013-12-06 1229528]
S3 Secunia Update Agent;Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [2013-12-06 662232]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-01-26 1255736]
S3 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S3 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE [2007-01-11 126464]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119673
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: spontaneous waking from sleep mode

#20 Post by Rudy »

Deleted. Run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC. The log is now OK.

vorryy
Visitor
Posts: 132
Joined: 22 Mar 2007 11:00

Re: spontaneous waking from sleep mode

#21 Post by vorryy »

Thanks a lot. Otherwise, I still can't get rid of the PC waking up. Could the disk be failing?

Rudy
Site Admin
Posts: 119673
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: spontaneous waking from sleep mode

#22 Post by Rudy »

It certainly has nothing to do with the disk. Do you have any scheduled tasks?

vorryy
Visitor
Posts: 132
Joined: 22 Mar 2007 11:00

Re: spontaneous waking from sleep mode

#23 Post by vorryy »

Well, there are some, but I don't know how to find out which one it might be. Going by the last run time of the tasks, the times don't match, and I'm 100% sure I didn't add any there.

Rudy
Site Admin
Posts: 119673
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: spontaneous waking from sleep mode

#24 Post by Rudy »

Try cancelling them, and if you find that the PC no longer wakes up, restore them one by one until you find out which one is causing it.
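
Added example, not part of the original thread: one way to list which scheduled tasks are permitted to wake the PC, rather than cancelling all of them, using the Task Scheduler COM API and powercfg as shipped with Windows 7. The function name Get-WakeTask is an assumption made for this illustration.

```powershell
# Added example (not from the thread). Run in an elevated PowerShell prompt.
# Uses the Task Scheduler 2.0 COM API, which is present on Windows 7.

# Recursively collect tasks whose settings allow waking the computer.
# Get-WakeTask is a hypothetical helper name used only in this example.
function Get-WakeTask {
    param($Folder)
    foreach ($task in $Folder.GetTasks(1)) {        # 1 = TASK_ENUM_HIDDEN: include hidden tasks
        if ($task.Definition.Settings.WakeToRun) {
            New-Object PSObject -Property @{
                Path        = $task.Path
                Enabled     = $task.Enabled
                LastRunTime = $task.LastRunTime
                NextRunTime = $task.NextRunTime
            }
        }
    }
    foreach ($sub in $Folder.GetFolders(0)) {       # argument is reserved and must be 0
        Get-WakeTask -Folder $sub
    }
}

$scheduler = New-Object -ComObject Schedule.Service
$scheduler.Connect()                                 # local machine, current credentials
$wakeTasks = @(Get-WakeTask -Folder $scheduler.GetFolder('\'))

"Tasks allowed to wake the computer: $($wakeTasks.Count)"
$wakeTasks | Sort-Object Path |
    Format-Table Path, Enabled, LastRunTime, NextRunTime -AutoSize

# Cross-check against what the power manager itself reports.
powercfg -lastwake                  # source of the most recent wake
powercfg -waketimers                # wake timers currently armed
powercfg -devicequery wake_armed    # devices allowed to wake the system
```

If no task has WakeToRun set and no wake timer is armed, the wake-armed device list is the next place to look.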

vorryy
Visitor
Posts: 132
Joined: 22 Mar 2007 11:00

Re: spontaneous waking from sleep mode

#25 Post by vorryy »

So I disabled all the tasks and still no change. Could it perhaps be caused by Avast? I had the full trial version and switched to the free one.

Rudy
Site Admin
Posts: 119673
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: spontaneous waking from sleep mode

#26 Post by Rudy »

In theory it is possible, but I haven't seen it in practice.

vorryy
Visitor
Posts: 132
Joined: 22 Mar 2007 11:00

Re: spontaneous waking from sleep mode

#27 Post by vorryy »

So, it's not Avast. It's not the Avast add-ons in Chrome or Whats up in Chrome either. All the tasks are disabled.

As for that service Device\harddiskvolume1, I have no idea where it is. It's not in Services.

Rudy
Site Admin
Posts: 119673
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: spontaneous waking from sleep mode

#28 Post by Rudy »

The problem is not viruses. One of the legitimate applications must be waking it. Hard to say which.