Redirect, DNS unlocker

[NovOn11]

Dobrý den,
chtěl bych Vás poprosit o radu ohledně neustálého vyskakování reklam a redirectu na jiné stránky jakoby s nějakými on-line hrami.
Všiml jsem si, že ostatní uživatelé sem posílají po scanu a clean z ADWCleaneru ten log. Tak jej rovnou posílám. Děkuji za případnou pomoc.

# AdwCleaner v5.037 - Logfile created 06/03/2016 at 14:00:54
# Updated 28/02/2016 by Xplode
# Database : 2016-02-28.2 [Local]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Adrianka - ADRIANKA-HP
# Running from : C:\Users\Adrianka\Downloads\adwcleaner_5.037.exe
# Option : Clean
# Support : http://toolslib.net/forum

***** [ Services ] *****

[-] Service Deleted : PanService

***** [ Folders ] *****

[-] Folder Deleted : C:\_acestream_cache_
[-] Folder Deleted : C:\Program Files (x86)\Mobogenie3
[-] Folder Deleted : C:\Program Files (x86)\PANDORA.TV
[-] Folder Deleted : C:\ProgramData\1af8102e-43e5-0
[-] Folder Deleted : C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[-] Folder Deleted : C:\ProgramData\af33f914
[-] Folder Deleted : C:\ProgramData\baab8dd2-5d31-1
[-] Folder Deleted : C:\ProgramData\baab8dd2-6771-0
[-] Folder Deleted : C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
[-] Folder Deleted : C:\ProgramData\{0a218450-112c-0}
[-] Folder Deleted : C:\ProgramData\{1cee89bb-712c-1}
[-] Folder Deleted : C:\Users\Adrianka\AppData\Local\genienext
[-] Folder Deleted : C:\Users\Adrianka\AppData\Local\Mobogenie
[-] Folder Deleted : C:\Users\Adrianka\AppData\Local\Temp\APN-Stub
[-] Folder Deleted : C:\Users\Adrianka\AppData\Local\Temp\EnhanceEmpire
[-] Folder Deleted : C:\Users\Adrianka\AppData\Local\Temp\OCS
[-] Folder Deleted : C:\Users\Adrianka\AppData\Roaming\.acestream
[-] Folder Deleted : C:\Users\Adrianka\AppData\Roaming\acestream
[-] Folder Deleted : C:\Users\Adrianka\AppData\Roaming\Mobogenie
[-] Folder Deleted : C:\Users\Adrianka\AppData\Roaming\newnext.me
[-] Folder Deleted : C:\Users\Adrianka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
[-] Folder Deleted : C:\Users\Adrianka\Documents\Mobogenie
[-] Folder Deleted : C:\windows\SysWOW64\config\systemprofile\Documents\Mobogenie

***** [ Files ] *****

[-] File Deleted : C:\Users\Adrianka\daemonprocess.txt
[-] File Deleted : C:\Users\Adrianka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_nps.pastaleads.com_0.localstorage
[-] File Deleted : C:\Users\Adrianka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_nps.pastaleads.com_0.localstorage-journal
[-] File Deleted : C:\windows\SysNative\roboot64.exe

***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

[-] Task Deleted : Registry Optimizer
[-] Task Deleted : One System CarePeriod
[-] Task Deleted : Chrome Cleanup Tool logs upload retry
[-] Task Deleted : {B042251F-7D18-DAB3-2F10-F81A3065EA08}

***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{af33f914}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D879A501-50A7-BEFC-A4C5-32DC6E0CB208}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
[-] Key Deleted : HKCU\Software\APN PIP
[-] Key Deleted : HKCU\Software\Conduit
[-] Key Deleted : HKCU\Software\PIP
[-] Key Deleted : HKCU\Software\Softonic
[-] Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
[-] Key Deleted : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
[-] Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
[-] Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
[-] Key Deleted : HKLM\SOFTWARE\Conduit
[-] Key Deleted : HKLM\SOFTWARE\Trymedia Systems
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C168639F-5810-4EC8-B1E8-0251AA8A771C}
[-] Key Deleted : HKU\.DEFAULT\Software\Mobogenie
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
[-] Key Deleted : HKU\S-1-5-20\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [TCP Query User{0682491B-A85D-49CA-AF88-4F0A9F9E01D8}C:\users\adrianka\appdata\roaming\acestream\engine\ace_engine.exe]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [UDP Query User{2B5D613E-8331-4524-A5CB-5499CFF240E0}C:\users\adrianka\appdata\roaming\acestream\engine\ace_engine.exe]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
[-] Data Restored : HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{13318A1A-9719-430A-87FC-1E702C1202DF} [NameServer]
[-] Data Restored : HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{13318A1A-9719-430A-87FC-1E702C1202DF} [NameServer]
[-] Data Restored : HKLM\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{13318A1A-9719-430A-87FC-1E702C1202DF} [NameServer]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\nps.pastaleads.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\pastaleads.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\couponxplorer.dl.tb.ask.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\internetspeedtracker.dl.tb.ask.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\nps.pastaleads.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\pastaleads.com
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
[-] Key Deleted : HKCU\Software\Classes\acestream

***** [ Web browsers ] *****


*************************

:: "Tracing" keys removed
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [387 bytes] - [06/03/2016 13:52:00]
C:\AdwCleaner\AdwCleaner[C2].txt - [6901 bytes] - [06/03/2016 14:00:54]
C:\AdwCleaner\AdwCleaner[S1].txt - [6546 bytes] - [06/03/2016 13:48:21]
C:\AdwCleaner\AdwCleaner[S2].txt - [6690 bytes] - [06/03/2016 13:52:46]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [7120 bytes] ##########

[Rudy]

Zdravím!
Dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .

[NovOn11]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by Adrianka (administrator) on ADRIANKA-HP (15-03-2016 20:22:10)
Running from C:\Users\Adrianka\Desktop
Loaded Profiles: Adrianka (Available Profiles: Adrianka)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
() C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
() C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Nico Mak Computing) C:\Program Files\File Association Helper\FAHWindow.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(ArcSoft, Inc.) C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
() C:\ProgramData\Boxtools\Toolbox.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Portrait Displays, Inc) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSDKHelperx64.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [2919992 2011-01-27] (Hewlett-Packard Company)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2679592 2011-02-04] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [835072 2011-01-27] (IDT, Inc.)
HKLM\...\Run: [MfeEpePcMonitor] => C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe [200704 2011-02-09] ()
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [FAHConsole] => C:\Program Files\File Association Helper\FAHConsole.exe [729272 2014-01-28] (Nico Mak Computing)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1340192 2016-01-29] (Microsoft Corporation)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [299576 2011-01-29] (Hewlett-Packard Company)
HKLM-x32\...\Run: [File Sanitizer] => C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [12274688 2011-02-07] (Hewlett-Packard)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-26] (Intel Corporation)
HKLM-x32\...\Run: [NUSB3MON] => c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-10-14] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [DTRun] => c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe [517456 2010-11-24] (ArcSoft Inc.)
HKLM-x32\...\Run: [HPConnectionManager] => c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [94264 2011-04-05] (Hewlett-Packard Development Company L.P.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-02-13] (Apple Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1985824 2013-07-25] (Wondershare)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7137664 2016-03-11] (AVAST Software)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [295512 2014-12-17] (RealNetworks, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\DeviceNP-x32: DeviceNP.dll [X]
HKU\S-1-5-21-1701670353-1839004531-336993662-1001\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [721504 2015-09-02] (Microsoft Corporation)
HKU\S-1-5-21-1701670353-1839004531-336993662-1001\...\Run: [Boxoft Tools] => C:\ProgramData\Boxtools\Boxofttoolbox.exe [514048 2010-12-15] ()
Lsa: [Notification Packages] EpePcNp64 DPPassFilter scecli
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-03-11] (AVAST Software)
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.100.252
Tcpip\Parameters: [NameServer] 82.163.142.7 95.211.158.134
Tcpip\..\Interfaces\{13318A1A-9719-430A-87FC-1E702C1202DF}: [DhcpNameServer] 192.168.100.252
Tcpip\..\Interfaces\{F44A5B73-1F30-4B6E-81F8-781776BC4054}: [DhcpNameServer] 82.163.142.7

Internet Explorer:
==================
HKU\S-1-5-21-1701670353-1839004531-336993662-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://seznam.cz/
HKU\S-1-5-21-1701670353-1839004531-336993662-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDF
SearchScopes: HKLM -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-1701670353-1839004531-336993662-1001 -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-1701670353-1839004531-336993662-1001 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_73\bin\ssv.dll [2016-03-06] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-03-11] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-03-06] (Oracle Corporation)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-08-14] (RealDownloader)
BHO-x32: File Sanitizer for HP ProtectTools -> {3134413B-49B4-425C-98A5-893C1F195601} -> C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2011-02-07] (Hewlett-Packard)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-03-06] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-03-11] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-03-06] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-09] (Hewlett-Packard)
Toolbar: HKU\S-1-5-21-1701670353-1839004531-336993662-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxps://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab

FireFox:
========
FF ProfilePath: C:\Users\Adrianka\AppData\Roaming\Mozilla\Firefox\Profiles\us8cixzy.default
FF Homepage: WWW.SEZNAM.CZ
FF Plugin: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-03-06] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-03-06] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1224194.dll [2016-02-19] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-03-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-03-06] (Oracle Corporation)
FF Plugin-x32: @meadco.com/neptune plugin,version=2.0.0.29 -> C:\PROGRA~2\MEADCO~1\npmeadax.dll [2007-09-05] (MeadCo Corp.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2014-12-17] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2014-12-17] (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2013-08-14] (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-21] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-21] (Google Inc.)
FF Plugin HKU\S-1-5-21-1701670353-1839004531-336993662-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Adrianka\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-12-05] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1701670353-1839004531-336993662-1001: electronicarts.com/GameFacePlugin -> C:\Users\Adrianka\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll [2012-12-20] (Electronic Arts)
FF Extension: Adblock Plus - C:\Users\Adrianka\AppData\Roaming\Mozilla\Firefox\Profiles\us8cixzy.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-31]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-03-11]
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt => not found
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-12-17] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-03-11]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found

Chrome:
=======
CHR Profile: C:\Users\Adrianka\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\Adrianka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-02-21]
CHR Extension: (Disk Google) - C:\Users\Adrianka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-21]
CHR Extension: (YouTube) - C:\Users\Adrianka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-21]
CHR Extension: (Vyhledávání Google) - C:\Users\Adrianka\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\Adrianka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (AdBlock) - C:\Users\Adrianka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-03-14]
CHR Extension: (Avast Online Security) - C:\Users\Adrianka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-02-21]
CHR Extension: (RealDownloader) - C:\Users\Adrianka\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2016-02-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Adrianka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-02-21]
CHR Extension: (Gmail) - C:\Users\Adrianka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-21]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2016-03-11]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-03-11]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [237096 2016-03-11] (AVAST Software)
S3 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [481104 2011-02-12] (DigitalPersona, Inc.)
S3 FLCDLOCK; c:\Windows\SysWOW64\flcdlock.exe [464440 2011-05-10] (Hewlett-Packard Company)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [647680 2012-02-07] (Macrovision Europe Ltd.) [File not signed]
S3 FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [1028096 2012-02-07] (Macrovision Europe Ltd.) [File not signed]
S3 HP ProtectTools Service; c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [36864 2011-01-12] (Hewlett-Packard Development Company, L.P) [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
R2 HPDayStarterService; c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [133688 2011-01-28] (Hewlett-Packard Company)
R2 HPFSService; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [320000 2011-02-07] (Hewlett-Packard) [File not signed]
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [281656 2011-01-29] (Hewlett-Packard Company)
R2 McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [1318912 2011-02-09] () [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-01-29] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [374344 2016-01-29] (Microsoft Corporation)
S4 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1127448 2011-02-01] (PDF Complete Inc)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [502464 2010-11-11] (ArcSoft, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 XobniService; C:\Program Files (x86)\Xobni\XobniService.exe [62184 2011-03-07] (Xobni Corporation)
S3 GDOCService; C:\Users\Adrianka\Desktop\MWFSrv.exe [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ARCVCAM; C:\Windows\System32\DRIVERS\ArcSoftVCapture.sys [32192 2010-11-11] (ArcSoft, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-03-11] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-03-11] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-03-11] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-03-11] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-03-11] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [463744 2016-03-11] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [165344 2016-03-11] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287016 2016-03-11] (AVAST Software)
S3 btmaudio; C:\Windows\System32\drivers\btmaud.sys [43008 2010-10-14] (Motorola, Inc.)
S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [64312 2011-05-10] (Hewlett-Packard Company)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-10-20] (DT Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-01-30] ()
R0 MfeEpePc; C:\Windows\System32\Drivers\MfeEpePc.sys [168008 2011-02-09] (McAfee, Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [289120 2015-11-13] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-13] (Microsoft Corporation)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1826048 2010-12-21] ()
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-08-15] (Apple, Inc.) [File not signed]
R1 {75e31400-eac4-49b7-986c-d198f0b97db7}Gw64; C:\Windows\System32\drivers\{75e31400-eac4-49b7-986c-d198f0b97db7}Gw64.sys [61128 2014-07-08] (StdLib)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-15 20:22 - 2016-03-15 20:23 - 00027438 _____ C:\Users\Adrianka\Desktop\FRST.txt
2016-03-15 20:20 - 2016-03-15 20:22 - 00000000 ____D C:\FRST
2016-03-15 20:19 - 2016-03-15 20:19 - 02374144 _____ (Farbar) C:\Users\Adrianka\Desktop\FRST64.exe
2016-03-11 08:02 - 2016-03-11 08:01 - 00398152 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2016-03-11 08:01 - 2016-03-11 08:01 - 00052184 _____ (AVAST Software) C:\windows\avastSS.scr
2016-03-09 09:48 - 2016-02-12 19:52 - 03169792 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2016-03-09 09:48 - 2016-02-12 19:52 - 00192512 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2016-03-09 09:48 - 2016-02-12 19:52 - 00098816 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2016-03-09 09:48 - 2016-02-12 19:44 - 00091136 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2016-03-09 09:48 - 2016-02-12 19:39 - 00174080 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2016-03-09 09:48 - 2016-02-12 19:22 - 02610688 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2016-03-09 09:48 - 2016-02-12 19:19 - 00709120 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2016-03-09 09:48 - 2016-02-12 19:18 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2016-03-09 09:48 - 2016-02-12 19:18 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2016-03-09 09:48 - 2016-02-12 19:18 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2016-03-09 09:48 - 2016-02-12 19:18 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2016-03-09 09:48 - 2016-02-12 19:18 - 00012288 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll
2016-03-09 09:48 - 2016-02-12 19:06 - 00573440 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2016-03-09 09:48 - 2016-02-12 19:05 - 00093696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2016-03-09 09:48 - 2016-02-12 19:05 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2016-03-09 09:48 - 2016-02-12 19:05 - 00030208 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2016-03-09 09:48 - 2016-02-09 10:55 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\seclogon.dll
2016-03-09 09:48 - 2016-02-09 07:10 - 00341200 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2016-03-09 09:48 - 2016-02-08 21:39 - 00496640 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2016-03-09 09:48 - 2016-02-08 21:38 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2016-03-09 09:48 - 2016-02-08 21:34 - 02280448 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2016-03-09 09:48 - 2016-02-08 21:31 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2016-03-09 09:48 - 2016-02-08 21:16 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-03-09 09:48 - 2016-02-08 21:15 - 00091136 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2016-03-09 09:48 - 2016-02-08 21:12 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2016-03-09 09:48 - 2016-02-08 21:10 - 00130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2016-03-09 09:48 - 2016-02-08 20:39 - 01311744 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2016-03-09 09:48 - 2016-02-08 19:41 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2016-03-09 09:48 - 2016-02-08 19:27 - 02887680 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2016-03-09 09:48 - 2016-02-08 19:26 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2016-03-09 09:48 - 2016-02-08 19:18 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2016-03-09 09:48 - 2016-02-08 19:14 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2016-03-09 09:48 - 2016-02-08 18:54 - 00107520 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2016-03-09 09:48 - 2016-02-08 18:35 - 00718336 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2016-03-09 09:48 - 2016-02-04 18:52 - 03211264 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2016-03-09 09:48 - 2016-02-03 19:58 - 00862208 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2016-03-09 09:48 - 2016-02-03 19:52 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\asycfilt.dll
2016-03-09 09:48 - 2016-02-03 19:49 - 00572416 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2016-03-09 09:48 - 2016-02-03 19:43 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\asycfilt.dll
2016-03-09 09:48 - 2016-02-03 19:07 - 00091648 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBSTOR.SYS
2016-03-09 09:48 - 2016-01-11 20:11 - 01684416 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2016-03-09 09:48 - 2015-11-19 15:07 - 00994760 _____ (Microsoft Corporation) C:\windows\system32\ucrtbase.dll
2016-03-09 09:48 - 2015-11-19 15:07 - 00063840 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-03-09 09:48 - 2015-11-19 15:07 - 00020832 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-03-09 09:48 - 2015-11-19 15:07 - 00019808 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-09 09:48 - 2015-11-19 15:07 - 00017760 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-03-09 09:48 - 2015-11-19 15:07 - 00017760 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-09 09:48 - 2015-11-19 15:07 - 00016224 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-09 09:48 - 2015-11-19 15:07 - 00015712 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-03-09 09:48 - 2015-11-19 15:07 - 00014176 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-03-09 09:48 - 2015-11-19 15:07 - 00014176 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-03-09 09:48 - 2015-11-19 15:07 - 00013664 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-09 09:48 - 2015-11-19 15:07 - 00012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-03-09 09:48 - 2015-11-19 15:07 - 00012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-03-09 09:48 - 2015-11-19 15:07 - 00012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-03-09 09:48 - 2015-11-19 15:07 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-03-09 09:48 - 2015-11-19 15:07 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-03-09 09:48 - 2015-11-19 15:07 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-03-09 09:48 - 2015-11-19 15:07 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-03-09 09:48 - 2015-11-19 15:07 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-09 09:48 - 2015-11-19 15:07 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-03-09 09:48 - 2015-11-19 15:07 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-03-09 09:48 - 2015-11-19 15:07 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-03-09 09:48 - 2015-11-19 15:07 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-03-09 09:48 - 2015-11-19 15:06 - 00922432 _____ (Microsoft Corporation) C:\windows\SysWOW64\ucrtbase.dll
2016-03-09 09:48 - 2015-11-19 15:06 - 00066400 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-03-09 09:48 - 2015-11-19 15:06 - 00022368 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-03-09 09:48 - 2015-11-19 15:06 - 00019808 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-09 09:48 - 2015-11-19 15:06 - 00017760 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-03-09 09:48 - 2015-11-19 15:06 - 00017760 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-09 09:48 - 2015-11-19 15:06 - 00016224 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-09 09:48 - 2015-11-19 15:06 - 00015712 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-03-09 09:48 - 2015-11-19 15:06 - 00014176 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-03-09 09:48 - 2015-11-19 15:06 - 00014176 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-03-09 09:48 - 2015-11-19 15:06 - 00013664 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-09 09:48 - 2015-11-19 15:06 - 00012640 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-03-09 09:48 - 2015-11-19 15:06 - 00012640 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-03-09 09:48 - 2015-11-19 15:06 - 00012640 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-03-09 09:48 - 2015-11-19 15:06 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-03-09 09:48 - 2015-11-19 15:06 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-03-09 09:48 - 2015-11-19 15:06 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-03-09 09:48 - 2015-11-19 15:06 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-03-09 09:48 - 2015-11-19 15:06 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-09 09:48 - 2015-11-19 15:06 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-03-09 09:48 - 2015-11-19 15:06 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-03-09 09:48 - 2015-11-19 15:06 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2016-03-09 09:48 - 2015-11-19 15:06 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2016-03-09 09:47 - 2016-02-09 07:53 - 00387792 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2016-03-09 09:47 - 2016-02-08 22:05 - 20352512 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2016-03-09 09:47 - 2016-02-08 21:51 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2016-03-09 09:47 - 2016-02-08 21:39 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2016-03-09 09:47 - 2016-02-08 21:38 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2016-03-09 09:47 - 2016-02-08 21:37 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2016-03-09 09:47 - 2016-02-08 21:32 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2016-03-09 09:47 - 2016-02-08 21:30 - 00476160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2016-03-09 09:47 - 2016-02-08 21:28 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2016-03-09 09:47 - 2016-02-08 21:28 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2016-03-09 09:47 - 2016-02-08 21:28 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2016-03-09 09:47 - 2016-02-08 21:20 - 00416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2016-03-09 09:47 - 2016-02-08 21:13 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2016-03-09 09:47 - 2016-02-08 21:11 - 00279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2016-03-09 09:47 - 2016-02-08 21:10 - 04611072 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2016-03-09 09:47 - 2016-02-08 21:05 - 25816576 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2016-03-09 09:47 - 2016-02-08 21:03 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2016-03-09 09:47 - 2016-02-08 21:02 - 13012480 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2016-03-09 09:47 - 2016-02-08 21:02 - 00687104 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2016-03-09 09:47 - 2016-02-08 21:01 - 02050560 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2016-03-09 09:47 - 2016-02-08 21:01 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2016-03-09 09:47 - 2016-02-08 20:43 - 02121216 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2016-03-09 09:47 - 2016-02-08 20:38 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2016-03-09 09:47 - 2016-02-08 19:41 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2016-03-09 09:47 - 2016-02-08 19:27 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2016-03-09 09:47 - 2016-02-08 19:26 - 00571904 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2016-03-09 09:47 - 2016-02-08 19:26 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2016-03-09 09:47 - 2016-02-08 19:26 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2016-03-09 09:47 - 2016-02-08 19:19 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2016-03-09 09:47 - 2016-02-08 19:16 - 06052352 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2016-03-09 09:47 - 2016-02-08 19:15 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2016-03-09 09:47 - 2016-02-08 19:14 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2016-03-09 09:47 - 2016-02-08 19:13 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2016-03-09 09:47 - 2016-02-08 19:13 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2016-03-09 09:47 - 2016-02-08 19:06 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2016-03-09 09:47 - 2016-02-08 19:03 - 00489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2016-03-09 09:47 - 2016-02-08 18:55 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2016-03-09 09:47 - 2016-02-08 18:52 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2016-03-09 09:47 - 2016-02-08 18:51 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2016-03-09 09:47 - 2016-02-08 18:49 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2016-03-09 09:47 - 2016-02-08 18:47 - 00152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2016-03-09 09:47 - 2016-02-08 18:37 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2016-03-09 09:47 - 2016-02-08 18:34 - 00798720 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2016-03-09 09:47 - 2016-02-08 18:33 - 14613504 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2016-03-09 09:47 - 2016-02-08 18:33 - 02123264 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2016-03-09 09:47 - 2016-02-08 18:33 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2016-03-09 09:47 - 2016-02-08 18:19 - 02597376 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2016-03-09 09:47 - 2016-02-08 18:07 - 01546752 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2016-03-09 09:47 - 2016-02-08 17:55 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2016-03-09 09:46 - 2016-02-11 19:56 - 05572032 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2016-03-09 09:46 - 2016-02-11 19:56 - 00154560 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2016-03-09 09:46 - 2016-02-11 19:56 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2016-03-09 09:46 - 2016-02-11 19:52 - 01733592 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2016-03-09 09:46 - 2016-02-11 19:49 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2016-03-09 09:46 - 2016-02-11 19:49 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2016-03-09 09:46 - 2016-02-11 19:49 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2016-03-09 09:46 - 2016-02-11 19:49 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2016-03-09 09:46 - 2016-02-11 19:49 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2016-03-09 09:46 - 2016-02-11 19:49 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2016-03-09 09:46 - 2016-02-11 19:49 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2016-03-09 09:46 - 2016-02-11 19:49 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2016-03-09 09:46 - 2016-02-11 19:48 - 01214464 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2016-03-09 09:46 - 2016-02-11 19:48 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2016-03-09 09:46 - 2016-02-11 19:48 - 00344064 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2016-03-09 09:46 - 2016-02-11 19:48 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2016-03-09 09:46 - 2016-02-11 19:48 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2016-03-09 09:46 - 2016-02-11 19:47 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2016-03-09 09:46 - 2016-02-11 19:45 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2016-03-09 09:46 - 2016-02-11 19:45 - 00312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2016-03-09 09:46 - 2016-02-11 19:45 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2016-03-09 09:46 - 2016-02-11 19:45 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2016-03-09 09:46 - 2016-02-11 19:44 - 03994560 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2016-03-09 09:46 - 2016-02-11 19:44 - 03938240 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2016-03-09 09:46 - 2016-02-11 19:44 - 01461248 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2016-03-09 09:46 - 2016-02-11 19:44 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2016-03-09 09:46 - 2016-02-11 19:44 - 00730112 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2016-03-09 09:46 - 2016-02-11 19:44 - 00422400 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2016-03-09 09:46 - 2016-02-11 19:42 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2016-03-09 09:46 - 2016-02-11 19:42 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2016-03-09 09:46 - 2016-02-11 19:42 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2016-03-09 09:46 - 2016-02-11 19:41 - 01314328 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2016-03-09 09:46 - 2016-02-11 19:41 - 00880128 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2016-03-09 09:46 - 2016-02-11 19:41 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2016-03-09 09:46 - 2016-02-11 19:41 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2016-03-09 09:46 - 2016-02-11 19:41 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-03-09 09:46 - 2016-02-11 19:41 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-03-09 09:46 - 2016-02-11 19:41 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-09 09:46 - 2016-02-11 19:41 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-09 09:46 - 2016-02-11 19:41 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-09 09:46 - 2016-02-11 19:41 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-03-09 09:46 - 2016-02-11 19:41 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-09 09:46 - 2016-02-11 19:41 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-03-09 09:46 - 2016-02-11 19:41 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-09 09:46 - 2016-02-11 19:41 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-09 09:46 - 2016-02-11 19:41 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-09 09:46 - 2016-02-11 19:41 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-03-09 09:46 - 2016-02-11 19:41 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-03-09 09:46 - 2016-02-11 19:41 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-09 09:46 - 2016-02-11 19:41 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-03-09 09:46 - 2016-02-11 19:41 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-03-09 09:46 - 2016-02-11 19:41 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-03-09 09:46 - 2016-02-11 19:41 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-03-09 09:46 - 2016-02-11 19:41 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-03-09 09:46 - 2016-02-11 19:41 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-03-09 09:46 - 2016-02-11 19:41 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-09 09:46 - 2016-02-11 19:41 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-03-09 09:46 - 2016-02-11 19:41 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-03-09 09:46 - 2016-02-11 19:41 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-09 09:46 - 2016-02-11 19:41 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-03-09 09:46 - 2016-02-11 19:41 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-03-09 09:46 - 2016-02-11 19:41 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-03-09 09:46 - 2016-02-11 19:41 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-03-09 09:46 - 2016-02-11 19:38 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2016-03-09 09:46 - 2016-02-11 19:38 - 00665088 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2016-03-09 09:46 - 2016-02-11 19:38 - 00275456 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2016-03-09 09:46 - 2016-02-11 19:38 - 00171520 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2016-03-09 09:46 - 2016-02-11 19:38 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2016-03-09 09:46 - 2016-02-11 19:38 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2016-03-09 09:46 - 2016-02-11 19:38 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2016-03-09 09:46 - 2016-02-11 19:37 - 00251392 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2016-03-09 09:46 - 2016-02-11 19:37 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2016-03-09 09:46 - 2016-02-11 19:37 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2016-03-09 09:46 - 2016-02-11 19:35 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2016-03-09 09:46 - 2016-02-11 19:35 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2016-03-09 09:46 - 2016-02-11 19:35 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2016-03-09 09:46 - 2016-02-11 19:34 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2016-03-09 09:46 - 2016-02-11 19:33 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2016-03-09 09:46 - 2016-02-11 19:31 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2016-03-09 09:46 - 2016-02-11 19:30 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2016-03-09 09:46 - 2016-02-11 19:30 - 00642560 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2016-03-09 09:46 - 2016-02-11 19:30 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2016-03-09 09:46 - 2016-02-11 19:30 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-03-09 09:46 - 2016-02-11 19:30 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-09 09:46 - 2016-02-11 19:30 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-09 09:46 - 2016-02-11 19:30 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-03-09 09:46 - 2016-02-11 19:30 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-03-09 09:46 - 2016-02-11 19:30 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-09 09:46 - 2016-02-11 19:30 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-03-09 09:46 - 2016-02-11 19:30 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-09 09:46 - 2016-02-11 19:30 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-09 09:46 - 2016-02-11 19:30 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-03-09 09:46 - 2016-02-11 19:30 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-09 09:46 - 2016-02-11 19:30 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-09 09:46 - 2016-02-11 19:30 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-03-09 09:46 - 2016-02-11 19:30 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-03-09 09:46 - 2016-02-11 19:30 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-09 09:46 - 2016-02-11 19:30 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-03-09 09:46 - 2016-02-11 19:30 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-03-09 09:46 - 2016-02-11 19:30 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-03-09 09:46 - 2016-02-11 19:30 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-03-09 09:46 - 2016-02-11 19:30 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-09 09:46 - 2016-02-11 19:30 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-03-09 09:46 - 2016-02-11 19:30 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-03-09 09:46 - 2016-02-11 19:30 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-03-09 09:46 - 2016-02-11 19:30 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-03-09 09:46 - 2016-02-11 18:48 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2016-03-09 09:46 - 2016-02-11 18:43 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2016-03-09 09:46 - 2016-02-11 18:41 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2016-03-09 09:46 - 2016-02-11 18:40 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2016-03-09 09:46 - 2016-02-11 18:34 - 00290816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2016-03-09 09:46 - 2016-02-11 18:34 - 00159232 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2016-03-09 09:46 - 2016-02-11 18:33 - 00129024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2016-03-09 09:46 - 2016-02-11 18:32 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2016-03-09 09:46 - 2016-02-11 18:32 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2016-03-09 09:46 - 2016-02-11 18:32 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2016-03-09 09:46 - 2016-02-11 18:32 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2016-03-09 09:46 - 2016-02-11 18:32 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2016-03-09 09:46 - 2016-02-11 18:32 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2016-03-09 09:46 - 2016-02-11 18:31 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2016-03-09 09:46 - 2016-02-11 18:30 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-03-09 09:46 - 2016-02-11 18:30 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-09 09:46 - 2016-02-11 18:30 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-03-09 09:46 - 2016-02-11 18:30 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-03-09 09:45 - 2016-02-19 20:02 - 00038336 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2016-03-09 09:45 - 2016-02-19 19:54 - 01168896 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2016-03-09 09:45 - 2016-02-19 15:07 - 01373184 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2016-03-09 09:45 - 2016-02-11 15:07 - 00689152 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2016-03-09 09:45 - 2016-02-05 19:54 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2016-03-09 09:45 - 2016-02-05 19:54 - 00041472 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2016-03-09 09:45 - 2016-02-05 19:53 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2016-03-09 09:45 - 2016-02-05 19:53 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2016-03-09 09:45 - 2016-02-05 19:50 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll
2016-03-09 09:45 - 2016-02-05 19:44 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2016-03-09 09:45 - 2016-02-05 19:42 - 00010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll
2016-03-09 09:45 - 2016-02-05 18:48 - 00372736 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2016-03-09 09:45 - 2016-02-05 18:43 - 00299520 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2016-03-09 09:45 - 2016-02-05 18:43 - 00034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2016-03-09 09:45 - 2016-02-05 15:07 - 00696832 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2016-03-09 09:45 - 2016-02-05 15:07 - 00499200 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2016-03-09 09:45 - 2016-02-05 15:07 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2016-03-09 09:45 - 2016-02-05 02:19 - 00381440 _____ (Microsoft Corporation) C:\windows\system32\mfds.dll
2016-03-09 09:45 - 2016-02-04 19:41 - 00296448 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfds.dll
2016-03-09 09:22 - 2016-03-09 09:22 - 02268160 _____ C:\Users\Adrianka\Downloads\03_Marak_17_10.ppt
2016-03-09 09:21 - 2016-03-09 09:22 - 17053856 _____ C:\Users\Adrianka\Downloads\ČOV_v3.2_2016-01-11.pptx
2016-03-06 14:21 - 2016-03-06 14:21 - 00007215 _____ C:\Users\Adrianka\Desktop\AdwCleaner[C2].txt
2016-03-06 13:48 - 2016-03-06 14:00 - 00000000 ____D C:\AdwCleaner
2016-03-06 13:47 - 2016-03-06 13:48 - 01518592 _____ C:\Users\Adrianka\Downloads\adwcleaner_5.037.exe
2016-03-06 12:53 - 2016-03-06 12:32 - 00278624 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2016-03-06 12:37 - 2016-03-06 12:35 - 00110176 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-64.dll
2016-03-06 12:36 - 2016-03-06 12:53 - 04584344 _____ (Google) C:\Users\Adrianka\Downloads\chrome_cleanup_tool.exe
2016-03-06 12:33 - 2016-03-06 12:33 - 00097888 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2016-03-03 20:44 - 2016-03-03 20:44 - 00000000 ____D C:\ProgramData\Adobe
2016-03-03 20:43 - 2016-03-03 20:43 - 00000000 ____D C:\windows\SysWOW64\Adobe
2016-03-03 20:43 - 2016-03-03 20:43 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2016-03-03 20:43 - 2016-03-03 20:43 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2016-03-03 20:43 - 2016-03-03 20:43 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-03-03 20:42 - 2016-03-03 20:43 - 18346464 _____ (Adobe Systems Inc.) C:\Users\Adrianka\Downloads\AdobeAIRInstaller.exe
2016-03-02 16:02 - 2016-03-02 16:02 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-03-02 16:02 - 2016-03-02 16:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-03-01 20:48 - 2016-03-01 20:48 - 00000000 ____D C:\Users\Adrianka\Desktop\Subs
2016-03-01 20:45 - 2016-03-01 20:46 - 30886494 _____ C:\Users\Adrianka\Downloads\if-rep-2016-ep.zip
2016-02-27 16:24 - 2016-03-03 20:41 - 00796864 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2016-02-27 16:24 - 2016-03-03 20:41 - 00142528 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-02-27 16:24 - 2016-03-03 20:41 - 00000914 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2016-02-27 16:24 - 2016-02-27 16:24 - 00000958 _____ C:\windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-02-25 12:50 - 2016-02-25 12:50 - 00031844 _____ C:\Users\Adrianka\Downloads\Formular_EDS_129D25300.xlsx
2016-02-23 10:07 - 2016-02-23 10:13 - 107016554 _____ C:\Users\Adrianka\Downloads\DETEKTOR-II.rar
2016-02-23 07:52 - 2016-02-23 07:52 - 00748924 _____ C:\Users\Adrianka\Downloads\Ing. Kříž.pdf
2016-02-23 07:52 - 2016-02-23 07:52 - 00298486 _____ C:\Users\Adrianka\Downloads\MARIANSKE RADCICE - Posouzeni centralizovaneho a decentralizovaneho systemu cisteni odpadnich vo.pdf
2016-02-22 16:01 - 2016-02-21 07:57 - 1073760901 _____ C:\Users\Adrianka\Desktop\The.Last.Witch.Hunter.2015.BDRip.x264.AC3-RiSiNG.mkv
2016-02-22 15:57 - 2016-02-22 15:57 - 00001128 _____ C:\ProgramData\Microsoft\Windows\Start Menu\BS.Player FREE.lnk
2016-02-22 15:57 - 2016-02-22 15:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BS.Player
2016-02-22 15:37 - 2016-02-22 15:38 - 10550048 _____ C:\Users\Adrianka\Downloads\bsplayer270.setup.exe
2016-02-21 23:39 - 2016-02-22 00:02 - 00000000 ____D C:\Users\Adrianka\AppData\Roaming\Seznam Browser
2016-02-21 23:37 - 2016-02-21 23:39 - 43828448 _____ C:\Users\Adrianka\Downloads\Seznam.cz.exe
2016-02-21 23:20 - 2016-03-15 07:19 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-21 23:17 - 2016-02-21 23:17 - 00000952 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore1d16cf5b267b9b1.job
2016-02-21 23:17 - 2016-02-21 23:17 - 00000952 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-21 20:57 - 2016-02-20 16:36 - 1120436470 _____ C:\Users\Adrianka\Desktop\Perfektn%C3%AD+den_A+Perfect+Day_2015_hc.titulky.CZ.avi
2016-02-15 21:26 - 2016-01-03 16:15 - 00060053 _____ C:\Users\Adrianka\Desktop\rida1.srt
2016-02-15 21:26 - 2016-01-03 15:06 - 1672820736 _____ C:\Users\Adrianka\Desktop\rida1.avi

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-15 07:56 - 2012-01-02 19:41 - 00000000 ____D C:\ProgramData\PDFC
2016-03-15 07:39 - 2014-01-05 13:25 - 00000000 ____D C:\ProgramData\Boxtools
2016-03-15 07:21 - 2009-07-14 05:45 - 00028576 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-15 07:21 - 2009-07-14 05:45 - 00028576 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-03-13 13:28 - 2016-01-06 21:27 - 00000000 ____D C:\Users\Adrianka\AppData\Roaming\BSplayer
2016-03-12 16:52 - 2012-01-02 18:36 - 00672408 _____ C:\windows\system32\perfh005.dat
2016-03-12 16:52 - 2012-01-02 18:36 - 00142972 _____ C:\windows\system32\perfc005.dat
2016-03-12 16:52 - 2009-07-14 06:13 - 01593302 _____ C:\windows\system32\PerfStringBackup.INI
2016-03-12 16:52 - 2009-07-14 04:20 - 00000000 ____D C:\windows\inf
2016-03-11 08:04 - 2014-12-10 09:30 - 01070904 _____ (AVAST Software) C:\windows\system32\Drivers\aswsnx.sys
2016-03-11 08:04 - 2014-12-10 09:30 - 00463744 _____ (AVAST Software) C:\windows\system32\Drivers\aswsp.sys
2016-03-11 08:04 - 2014-12-10 09:30 - 00287016 _____ (AVAST Software) C:\windows\system32\Drivers\aswvmm.sys
2016-03-11 08:04 - 2014-12-10 09:30 - 00107792 _____ (AVAST Software) C:\windows\system32\Drivers\aswmonflt.sys
2016-03-11 08:03 - 2014-12-10 09:30 - 00000350 ____H C:\windows\Tasks\avast! Emergency Update.job
2016-03-11 08:01 - 2014-12-10 09:30 - 00165344 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2016-03-11 08:01 - 2014-12-10 09:30 - 00103064 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2016-03-11 08:01 - 2014-12-10 09:30 - 00074544 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys
2016-03-11 08:01 - 2014-12-10 09:30 - 00037656 _____ (AVAST Software) C:\windows\system32\Drivers\aswHwid.sys
2016-03-09 14:01 - 2009-07-14 05:45 - 00409432 _____ C:\windows\system32\FNTCACHE.DAT
2016-03-09 12:21 - 2014-12-10 15:36 - 00000000 ____D C:\windows\system32\appraiser
2016-03-06 14:01 - 2012-07-04 21:45 - 00000000 ____D C:\Users\Adrianka
2016-03-06 13:52 - 2012-08-19 10:20 - 00000000 ____D C:\Users\Adrianka\AppData\Local\CrashDumps
2016-03-06 12:54 - 2013-12-21 23:36 - 00000000 ____D C:\ProgramData\Oracle
2016-03-06 12:53 - 2013-12-21 23:40 - 00000000 ____D C:\Program Files (x86)\Java
2016-03-06 12:53 - 2013-12-21 23:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-03-06 12:38 - 2014-03-15 23:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2016-03-06 12:37 - 2013-12-21 23:35 - 00000000 ____D C:\Program Files\Java
2016-03-06 12:36 - 2015-11-19 20:58 - 00000000 ____D C:\Users\Adrianka\.oracle_jre_usage
2016-03-06 12:35 - 2013-12-21 23:35 - 00110176 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge-64.dll
2016-03-03 20:44 - 2012-07-20 08:53 - 00000000 ____D C:\Users\Adrianka\AppData\Roaming\Adobe
2016-03-03 20:44 - 2009-07-14 06:32 - 00000000 ____D C:\windows\Downloaded Program Files
2016-03-03 20:43 - 2014-07-19 21:12 - 00000000 ____D C:\Users\Adrianka\AppData\Local\Adobe
2016-03-03 07:53 - 2012-07-04 21:51 - 00109296 _____ C:\Users\Adrianka\AppData\Local\GDIPFONTCACHEV1.DAT
2016-03-02 22:46 - 2009-07-14 03:34 - 00000580 _____ C:\windows\win.ini
2016-03-02 16:02 - 2012-02-07 06:25 - 00000000 ____D C:\ProgramData\Skype
2016-03-02 15:54 - 2012-01-02 19:11 - 01568952 _____ C:\windows\SysWOW64\PerfStringBackup.INI
2016-03-01 08:32 - 2012-07-04 21:53 - 00000000 ____D C:\Users\Adrianka\AppData\Local\VirtualStore
2016-03-01 08:29 - 2012-09-14 08:58 - 00000000 ____D C:\windows\AutoKMS
2016-02-29 16:08 - 2012-08-19 10:26 - 00002057 _____ C:\windows\epplauncher.mif
2016-02-29 15:59 - 2012-08-19 10:26 - 00002117 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2016-02-29 15:59 - 2012-08-19 10:26 - 00000000 ____D C:\Program Files\Microsoft Security Client
2016-02-29 15:59 - 2012-08-19 10:26 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2016-02-29 06:40 - 2013-04-12 13:41 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-02-29 06:40 - 2013-04-12 13:41 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-02-28 17:49 - 2013-04-12 13:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-02-28 17:21 - 2014-03-05 17:16 - 00000000 ____D C:\Users\Adrianka\AppData\Local\Opera Software
2016-02-28 17:21 - 2012-09-14 08:35 - 00000000 ____D C:\Program Files (x86)\Opera
2016-02-28 17:19 - 2012-07-04 21:53 - 00001393 _____ C:\Users\Adrianka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-02-26 21:44 - 2015-04-04 13:08 - 00000000 ___SD C:\windows\SysWOW64\GWX
2016-02-26 21:44 - 2015-04-04 13:08 - 00000000 ___SD C:\windows\system32\GWX
2016-02-21 23:42 - 2012-12-03 19:57 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-02-21 23:25 - 2014-08-17 22:06 - 00000000 ____D C:\The KMPlayer
2016-02-21 23:20 - 2014-06-14 00:20 - 00000000 ____D C:\Program Files (x86)\Google

==================== Files in the root of some directories =======

2014-01-05 13:25 - 2014-01-05 13:25 - 0000040 _____ () C:\Users\Adrianka\AppData\Roaming\cdr.ini
2015-03-18 18:49 - 2015-04-30 05:19 - 0229376 _____ () C:\Users\Adrianka\AppData\Roaming\fin.zup
2014-03-16 00:00 - 2014-03-16 00:19 - 0000600 _____ () C:\Users\Adrianka\AppData\Roaming\winscp.rnd
2014-08-31 19:43 - 2014-08-31 19:43 - 0007168 _____ () C:\Users\Adrianka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-07-17 09:28 - 2013-08-09 20:38 - 0003048 _____ () C:\Users\Adrianka\AppData\Local\mbt-actwiz.log
2014-03-15 23:58 - 2014-03-16 00:19 - 0000600 _____ () C:\Users\Adrianka\AppData\Local\PUTTY.RND

Files to move or delete:
====================
C:\Windows\Tasks\{080C7E47-0E0E-0D09-7A11-0B780D041178}.job
C:\Windows\Tasks\{7F087D47-797F-7E0E-0F11-0809057D1179}.job
C:\Windows\Tasks\{EAA66B53-7A83-0C49-D040-9CE29C919B21}.job
C:\Windows\Tasks\{EACC62B3-7063-0C23-D040-9CE27C9BF121}.job


Some files in TEMP:
====================
C:\Users\Adrianka\AppData\Local\Temp\02yop_ya.dll
C:\Users\Adrianka\AppData\Local\Temp\4a1fndd4.dll
C:\Users\Adrianka\AppData\Local\Temp\6uxhpx00.dll
C:\Users\Adrianka\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpfumxtq.dll
C:\Users\Adrianka\AppData\Local\Temp\e-0lb5on.dll
C:\Users\Adrianka\AppData\Local\Temp\Extract.exe
C:\Users\Adrianka\AppData\Local\Temp\HPHelpUpdater.exe
C:\Users\Adrianka\AppData\Local\Temp\install_flashplayer14x32_chrd_dn_aaa_aih.exe
C:\Users\Adrianka\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Adrianka\AppData\Local\Temp\jre-8u51-windows-au.exe
C:\Users\Adrianka\AppData\Local\Temp\jre-8u66-windows-au.exe
C:\Users\Adrianka\AppData\Local\Temp\jre-8u73-windows-au.exe
C:\Users\Adrianka\AppData\Local\Temp\kkkkmy6y.dll
C:\Users\Adrianka\AppData\Local\Temp\KMP_3.8.0.120.exe
C:\Users\Adrianka\AppData\Local\Temp\KMP_3.8.0.121.exe
C:\Users\Adrianka\AppData\Local\Temp\KMP_3.8.0.122.exe
C:\Users\Adrianka\AppData\Local\Temp\KMP_3.9.0.124.exe
C:\Users\Adrianka\AppData\Local\Temp\KMP_3.9.0.125.exe
C:\Users\Adrianka\AppData\Local\Temp\KMP_3.9.0.126.exe
C:\Users\Adrianka\AppData\Local\Temp\KMP_3.9.0.127.exe
C:\Users\Adrianka\AppData\Local\Temp\KMP_3.9.1.131.exe
C:\Users\Adrianka\AppData\Local\Temp\lowproc.exe
C:\Users\Adrianka\AppData\Local\Temp\ochelper.exe
C:\Users\Adrianka\AppData\Local\Temp\oj8sjzac.dll
C:\Users\Adrianka\AppData\Local\Temp\Resource.exe
C:\Users\Adrianka\AppData\Local\Temp\rkqkewmf.dll
C:\Users\Adrianka\AppData\Local\Temp\sp54620.exe
C:\Users\Adrianka\AppData\Local\Temp\sp58915.exe
C:\Users\Adrianka\AppData\Local\Temp\sqlite3.dll
C:\Users\Adrianka\AppData\Local\Temp\SRLDetectionLibrary6264795564492408583.dll
C:\Users\Adrianka\AppData\Local\Temp\stubhelper.dll
C:\Users\Adrianka\AppData\Local\Temp\Uninstall.exe
C:\Users\Adrianka\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\Adrianka\AppData\Local\Temp\UninstallHPTCA.exe
C:\Users\Adrianka\AppData\Local\Temp\w00oi5zf.dll
C:\Users\Adrianka\AppData\Local\Temp\xjoi4k5n.dll
C:\Users\Adrianka\AppData\Local\Temp\_dx1vybi.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\SysWOW64\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-10-01 19:37

==================== End of FRST.txt ============================

Děkuji za pomoc a omlouvám se za časovou prodlevu. Nastavil jsem si upozornění, ale nepřišlo mi.

[Rudy]

Teď spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

[NovOn11]

# AdwCleaner v5.102 - Logfile created 16/03/2016 at 21:14:01
# Updated 13/03/2016 by Xplode
# Database : 2016-03-16.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Adrianka - ADRIANKA-HP
# Running from : C:\Users\Adrianka\Desktop\adwcleaner_5.102.exe
# Option : Clean
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****

[-] File Deleted : C:\Users\Adrianka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage
[-] File Deleted : C:\Users\Adrianka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage-journal
[-] File Deleted : C:\Users\Adrianka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_nps.pastaleads.com_0.localstorage
[-] File Deleted : C:\Users\Adrianka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_nps.pastaleads.com_0.localstorage-journal
[-] File Deleted : C:\Users\Adrianka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage
[-] File Deleted : C:\Users\Adrianka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage-journal
[-] File Deleted : C:\Users\Adrianka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.eshopcomp.com_0.localstorage
[-] File Deleted : C:\Users\Adrianka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.eshopcomp.com_0.localstorage-journal

***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

[-] Task Deleted : {080C7E47-0E0E-0D09-7A11-0B780D041178}
[-] Task Deleted : {7F087D47-797F-7E0E-0F11-0809057D1179}
[-] Task Deleted : {EAA66B53-7A83-0C49-D040-9CE29C919B21}
[-] Task Deleted : {EACC62B3-7063-0C23-D040-9CE27C9BF121}

***** [ Registry ] *****

[-] Key Deleted : HKCU\Software\Conduit
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\akamaihd.net
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\bestpriceninja.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdncache-a.akamaihd.net
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\eshopcomp.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\moneyviking-a.akamaihd.net
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\pstatic.bestpriceninja.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\pstatic.eshopcomp.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\akamaihd.net
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\bestpriceninja.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\cdncache-a.akamaihd.net
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\eshopcomp.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\internetspeedtracker.dl.tb.ask.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\nps.pastaleads.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\pastaleads.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\pstatic.bestpriceninja.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\pstatic.eshopcomp.com

***** [ Web browsers ] *****


*************************

:: "Tracing" keys removed
:: Winsock settings cleared

*************************

C:\Program Files (x86)\AdwCleaner\AdwCleaner[C1].txt - [3842 bytes] - [16/03/2016 21:14:01]
C:\Program Files (x86)\AdwCleaner\AdwCleaner[S1].txt - [3845 bytes] - [16/03/2016 21:10:02]

########## EOF - C:\Program Files (x86)\AdwCleaner\AdwCleaner[C1].txt - [4028 bytes] ##########

[Rudy]

Dejte nový log RSIT.

[NovOn11]

Logfile of random's system information tool 1.10 (written by random/random)
Run by Adrianka at 2016-03-20 17:32:38
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 178 GB (39%) free of 455 GB
Total RAM: 4030 MB (41% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:32:54, on 20.3.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18231)
Boot mode: Normal

Running processes:
c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe
C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
C:\ProgramData\Boxtools\Toolbox.exe
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Tasks.exe
C:\Program Files\trend micro\Adrianka.exe
C:\Program Files (x86)\Real\RealPlayer\RealPlay.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe /start
O4 - HKLM\..\Run: [File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [NUSB3MON] "c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [DTRun] c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe
O4 - HKLM\..\Run: [HPConnectionManager] c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [Boxoft Tools] "C:\ProgramData\Boxtools\Boxofttoolbox.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra button: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-247 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-247 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - https://fpdownload.macromedia.com/pub/s ... tor/sw.cab
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 82.163.142.7 95.211.158.134
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 82.163.142.7 95.211.158.134
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 82.163.142.7 95.211.158.134
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs:
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Company - c:\Windows\SysWOW64\flcdlock.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: gDoc PDF Service (GDOCService) - Unknown owner - C:\Users\Adrianka\Desktop\MWFSrv.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company L.P. - c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP DayStarter Service (HPDayStarterService) - Hewlett-Packard Company - c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Endpoint Encryption Agent - Unknown owner - C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: XobniService - Xobni Corporation - C:\Program Files (x86)\Xobni\XobniService.exe

--
End of file - 16675 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe"
C:\windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\Hpservice.exe
C:\windows\system32\vcsFPService.exe
C:\windows\system32\svchost.exe -k NetworkService
"C:\windows\system32\Dwm.exe"
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
C:\windows\Explorer.EXE
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Program Files\IDT\WDM\AESTSr64.exe"
C:\windows\System32\svchost.exe -k utcsvc
"C:\Windows\System32\hkcmd.exe"
"c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe"
"C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe" silentrun
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe"
"C:\Program Files\File Association Helper\FAHWindow.exe" register
"C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
taskeng.exe {6B7B9F67-B6EF-4BAC-8494-5C4454A093B6}
"C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe"
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe"
"C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe"
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
"C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" /start
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\ProgramData\Boxtools\Toolbox.exe" -autorun
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
WLIDSvcM.exe 1308
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
C:\windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe" /hidden
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --no-rate-limit "--database=C:\Users\Adrianka\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=m --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=49.0.2623.87 --handshake-handle=0xdc
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
-Minimized
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding --disable-features=UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --lang=cs --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/7DaySingleProfile/*DataReductionProxyConfigService/Control_Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/IntelligentSessionRestore/Enabled2/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Control/*SpdyEnableDependencies/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_33/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_15/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-gpu-compositing --channel="4352.4.1753630623\458055411" /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4352.7.1447196710\898581410" --disable-d3d11 --use-gl=swiftshader --supports-dual-gpus=false --swiftshader-path="C:\Users\Adrianka\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159" --gpu-driver-bug-workarounds=3,9,11,25,26,54,58 --gpu-vendor-id=0x1002 --gpu-device-id=0x0000 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=8.910.0.0 --ignored=" --type=renderer " /prefetch:2
"c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe"
C:\windows\system32\GWX\GWX.exe /updateconfig
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"

taskeng.exe {CE4127C4-F697-43F3-9BD7-0ADD2C04B1A4}
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe" /taskrestart
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\windows\system32\sppsvc.exe
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe" -Embedding
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSdkHelperx64.exe"
C:\windows\system32\igfxext.exe -Embedding
C:\windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding --disable-features=UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --lang=cs --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/7DaySingleProfile/*DataReductionProxyConfigService/Control_Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/IntelligentSessionRestore/Enabled2/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Control/*SpdyEnableDependencies/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_33/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_15/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-gpu-compositing --channel="4352.15.1250546145\686278828" /prefetch:1
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\Adrianka\Desktop\RSITx64.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Tasks.exe" /Run
"C:\Program Files (x86)\Real\RealPlayer\RealPlay.exe" /runevent "C:\Program Files (x86)\Real\RealPlayer\rpwa3260.dll" WatchFolders_Timer

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player PPAPI Notifier.job - C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_306_pepper.exe -check pepperplugin
C:\windows\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\windows\tasks\avast! Emergency Update.job - C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineCore1d16cf5b267b9b1.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1701670353-1839004531-336993662-1001.job - C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe /bgrecordaliveevent
C:\windows\tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1701670353-1839004531-336993662-1001.job - C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe /scheduledcheck
C:\windows\tasks\XboxStatTask.job - C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe silentrun

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_73\bin\ssv.dll [2016-03-06 551520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-03-11 901600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-03-06 212576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealNetworks Download and Record Plugin for Internet Explorer - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-08-14 542376]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
File Sanitizer for HP ProtectTools - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2011-02-07 117248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-03-06 460384]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-03-11 678656]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-03-06 172640]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2015-12-20 414920]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HPPowerAssistant"=C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe [2011-01-27 13880]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-02-04 2679592]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2011-09-01 167704]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2011-09-01 392472]
"Persistence"=C:\windows\system32\igfxpers.exe [2011-09-01 416024]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2011-01-27 835072]
"MfeEpePcMonitor"=C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe [2011-02-09 200704]
"XboxStat"=C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [2009-09-30 825184]
"FAHConsole"=C:\Program Files\File Association Helper\FAHConsole.exe [2014-01-28 729272]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2016-01-29 1340192]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OfficeSyncProcess"=C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [2015-09-02 721504]
"Boxoft Tools"=C:\ProgramData\Boxtools\Boxofttoolbox.exe [2010-12-15 514048]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2015-02-13 60712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoKMS]
C:\windows\AutoKMS.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BTMTrayAgent]
C:\Program Files\Motorola\Bluetooth\btmshell.dll [2011-02-16 21709904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPQuickWebProxy]
c:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [2011-11-10 169528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files (x86)\iTunes\iTunesHelper.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSC]
c:\Program Files\Microsoft Security Client\msseces.exe [2016-01-29 1340192]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDF Complete]
C:\Program Files (x86)\PDF Complete\pdfsty.exe [2011-02-01 656920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [2011-01-29 299576]
"File Sanitizer"=C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [2011-02-07 12274688]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-01-26 283160]
"NUSB3MON"=c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-11-17 113288]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-10-14 343168]
"DTRun"=c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe [2010-11-24 517456]
"HPConnectionManager"=c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2011-04-05 94264]
""= []
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2015-02-13 60712]
"Wondershare Helper Compact.exe"=C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2013-07-25 1985824]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-03-19 7139256]
"TkBellExe"=C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2014-12-17 295512]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-01-29 594992]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2011-09-01 390144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=EpePcNp64
DPPassFilter
scecli

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-03-20 17:32:38 ----D---- C:\rsit
2016-03-20 17:32:38 ----D---- C:\Program Files\trend micro
2016-03-16 21:09:48 ----D---- C:\Program Files (x86)\AdwCleaner
2016-03-16 07:47:49 ----A---- C:\windows\system32\drivers\volsnap.sys
2016-03-15 20:20:16 ----D---- C:\FRST
2016-03-11 08:02:13 ----A---- C:\windows\system32\aswBoot.exe
2016-03-11 08:01:08 ----A---- C:\windows\avastSS.scr
2016-03-09 09:48:33 ----A---- C:\windows\system32\drivers\USBSTOR.SYS
2016-03-09 09:48:27 ----A---- C:\windows\system32\seclogon.dll
2016-03-09 09:48:26 ----A---- C:\windows\SYSWOW64\ucrtbase.dll
2016-03-09 09:48:26 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-03-09 09:48:26 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-09 09:48:26 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-09 09:48:26 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-03-09 09:48:26 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-03-09 09:48:26 ----A---- C:\windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2016-03-09 09:48:26 ----A---- C:\windows\system32\ucrtbase.dll
2016-03-09 09:48:26 ----A---- C:\windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-03-09 09:48:26 ----A---- C:\windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-09 09:48:26 ----A---- C:\windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-09 09:48:26 ----A---- C:\windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-03-09 09:48:26 ----A---- C:\windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-03-09 09:48:26 ----A---- C:\windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-03-09 09:48:25 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-03-09 09:48:25 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-03-09 09:48:25 ----A---- C:\windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-03-09 09:48:25 ----A---- C:\windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-03-09 09:48:24 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-03-09 09:48:24 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-03-09 09:48:24 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-03-09 09:48:24 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-09 09:48:24 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-03-09 09:48:24 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-03-09 09:48:24 ----A---- C:\windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-03-09 09:48:24 ----A---- C:\windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-03-09 09:48:24 ----A---- C:\windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-03-09 09:48:24 ----A---- C:\windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-03-09 09:48:24 ----A---- C:\windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-03-09 09:48:24 ----A---- C:\windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-03-09 09:48:24 ----A---- C:\windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-03-09 09:48:24 ----A---- C:\windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-09 09:48:24 ----A---- C:\windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-03-09 09:48:24 ----A---- C:\windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-03-09 09:48:24 ----A---- C:\windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-03-09 09:48:23 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-09 09:48:23 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-03-09 09:48:23 ----A---- C:\windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-09 09:48:23 ----A---- C:\windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2016-03-09 09:48:23 ----A---- C:\windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-03-09 09:48:23 ----A---- C:\windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-09 09:48:23 ----A---- C:\windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-03-09 09:48:23 ----A---- C:\windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-03-09 09:48:23 ----A---- C:\windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-03-09 09:48:23 ----A---- C:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-03-09 09:48:23 ----A---- C:\windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-09 09:48:22 ----A---- C:\windows\system32\win32k.sys
2016-03-09 09:48:20 ----A---- C:\windows\SYSWOW64\wuwebv.dll
2016-03-09 09:48:20 ----A---- C:\windows\SYSWOW64\wuapi.dll
2016-03-09 09:48:20 ----A---- C:\windows\system32\wuwebv.dll
2016-03-09 09:48:20 ----A---- C:\windows\system32\wudriver.dll
2016-03-09 09:48:20 ----A---- C:\windows\system32\wucltux.dll
2016-03-09 09:48:20 ----A---- C:\windows\system32\wuaueng.dll
2016-03-09 09:48:20 ----A---- C:\windows\system32\wuapi.dll
2016-03-09 09:48:19 ----A---- C:\windows\SYSWOW64\wups.dll
2016-03-09 09:48:19 ----A---- C:\windows\SYSWOW64\wudriver.dll
2016-03-09 09:48:19 ----A---- C:\windows\SYSWOW64\wuapp.exe
2016-03-09 09:48:19 ----A---- C:\windows\system32\wups2.dll
2016-03-09 09:48:19 ----A---- C:\windows\system32\wups.dll
2016-03-09 09:48:19 ----A---- C:\windows\system32\wuauclt.exe
2016-03-09 09:48:19 ----A---- C:\windows\system32\wuapp.exe
2016-03-09 09:48:19 ----A---- C:\windows\system32\wu.upgrade.ps.dll
2016-03-09 09:48:19 ----A---- C:\windows\system32\WinSetupUI.dll
2016-03-09 09:48:14 ----A---- C:\windows\system32\drivers\ntfs.sys
2016-03-09 09:48:12 ----A---- C:\windows\system32\oleaut32.dll
2016-03-09 09:48:11 ----A---- C:\windows\SYSWOW64\oleaut32.dll
2016-03-09 09:48:10 ----A---- C:\windows\SYSWOW64\asycfilt.dll
2016-03-09 09:48:10 ----A---- C:\windows\system32\asycfilt.dll
2016-03-09 09:48:04 ----A---- C:\windows\SYSWOW64\iernonce.dll
2016-03-09 09:48:04 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2016-03-09 09:48:04 ----A---- C:\windows\system32\iertutil.dll
2016-03-09 09:48:02 ----A---- C:\windows\SYSWOW64\inseng.dll
2016-03-09 09:48:02 ----A---- C:\windows\system32\iernonce.dll
2016-03-09 09:48:02 ----A---- C:\windows\system32\ieetwcollector.exe
2016-03-09 09:48:01 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2016-03-09 09:48:01 ----A---- C:\windows\system32\ieetwproxystub.dll
2016-03-09 09:48:00 ----A---- C:\windows\SYSWOW64\vbscript.dll
2016-03-09 09:48:00 ----A---- C:\windows\SYSWOW64\urlmon.dll
2016-03-09 09:48:00 ----A---- C:\windows\SYSWOW64\occache.dll
2016-03-09 09:48:00 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-03-09 09:48:00 ----A---- C:\windows\SYSWOW64\iertutil.dll
2016-03-09 09:48:00 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2016-03-09 09:48:00 ----A---- C:\windows\system32\inseng.dll
2016-03-09 09:48:00 ----A---- C:\windows\system32\ie4uinit.exe
2016-03-09 09:47:59 ----A---- C:\windows\SYSWOW64\mshtml.dll
2016-03-09 09:47:59 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2016-03-09 09:47:59 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2016-03-09 09:47:59 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2016-03-09 09:47:58 ----A---- C:\windows\SYSWOW64\iesetup.dll
2016-03-09 09:47:58 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2016-03-09 09:47:57 ----A---- C:\windows\SYSWOW64\jscript.dll
2016-03-09 09:47:57 ----A---- C:\windows\system32\urlmon.dll
2016-03-09 09:47:57 ----A---- C:\windows\system32\occache.dll
2016-03-09 09:47:57 ----A---- C:\windows\system32\ieetwcollectorres.dll
2016-03-09 09:47:57 ----A---- C:\windows\system32\iedkcs32.dll
2016-03-09 09:47:56 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2016-03-09 09:47:56 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2016-03-09 09:47:56 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2016-03-09 09:47:55 ----A---- C:\windows\SYSWOW64\ieui.dll
2016-03-09 09:47:55 ----A---- C:\windows\SYSWOW64\ieframe.dll
2016-03-09 09:47:55 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2016-03-09 09:47:55 ----A---- C:\windows\system32\msfeeds.dll
2016-03-09 09:47:55 ----A---- C:\windows\system32\dxtrans.dll
2016-03-09 09:47:54 ----A---- C:\windows\system32\iesetup.dll
2016-03-09 09:47:54 ----A---- C:\windows\system32\ieapfltr.dll
2016-03-09 09:47:53 ----A---- C:\windows\SYSWOW64\webcheck.dll
2016-03-09 09:47:53 ----A---- C:\windows\SYSWOW64\mshtmlmedia.dll
2016-03-09 09:47:53 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2016-03-09 09:47:52 ----A---- C:\windows\SYSWOW64\wininet.dll
2016-03-09 09:47:52 ----A---- C:\windows\SYSWOW64\jscript9.dll
2016-03-09 09:47:52 ----A---- C:\windows\system32\vbscript.dll
2016-03-09 09:47:52 ----A---- C:\windows\system32\jsproxy.dll
2016-03-09 09:47:51 ----A---- C:\windows\SYSWOW64\msrating.dll
2016-03-09 09:47:51 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2016-03-09 09:47:51 ----A---- C:\windows\system32\ieui.dll
2016-03-09 09:47:51 ----A---- C:\windows\system32\dxtmsft.dll
2016-03-09 09:47:50 ----A---- C:\windows\system32\mshtmled.dll
2016-03-09 09:47:50 ----A---- C:\windows\system32\ieframe.dll
2016-03-09 09:47:49 ----A---- C:\windows\system32\webcheck.dll
2016-03-09 09:47:49 ----A---- C:\windows\system32\mshtmlmedia.dll
2016-03-09 09:47:49 ----A---- C:\windows\system32\jscript9diag.dll
2016-03-09 09:47:49 ----A---- C:\windows\system32\jscript.dll
2016-03-09 09:47:49 ----A---- C:\windows\system32\ieUnatt.exe
2016-03-09 09:47:48 ----A---- C:\windows\system32\wininet.dll
2016-03-09 09:47:48 ----A---- C:\windows\system32\jscript9.dll
2016-03-09 09:47:47 ----A---- C:\windows\system32\msrating.dll
2016-03-09 09:47:47 ----A---- C:\windows\system32\MshtmlDac.dll
2016-03-09 09:47:46 ----A---- C:\windows\system32\mshtml.dll
2016-03-09 09:46:36 ----A---- C:\windows\system32\ntoskrnl.exe
2016-03-09 09:46:36 ----A---- C:\windows\system32\ntdll.dll
2016-03-09 09:46:34 ----A---- C:\windows\SYSWOW64\ntdll.dll
2016-03-09 09:46:34 ----A---- C:\windows\system32\KernelBase.dll
2016-03-09 09:46:34 ----A---- C:\windows\system32\kerberos.dll
2016-03-09 09:46:33 ----A---- C:\windows\SYSWOW64\ntoskrnl.exe
2016-03-09 09:46:32 ----A---- C:\windows\SYSWOW64\ntkrnlpa.exe
2016-03-09 09:46:31 ----A---- C:\windows\system32\kernel32.dll
2016-03-09 09:46:30 ----A---- C:\windows\SYSWOW64\KernelBase.dll
2016-03-09 09:46:30 ----A---- C:\windows\SYSWOW64\kerberos.dll
2016-03-09 09:46:30 ----A---- C:\windows\SYSWOW64\advapi32.dll
2016-03-09 09:46:30 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2016-03-09 09:46:30 ----A---- C:\windows\system32\advapi32.dll
2016-03-09 09:46:29 ----A---- C:\windows\system32\lsasrv.dll
2016-03-09 09:46:29 ----A---- C:\windows\system32\drivers\ksecdd.sys
2016-03-09 09:46:28 ----A---- C:\windows\SYSWOW64\rpcrt4.dll
2016-03-09 09:46:28 ----A---- C:\windows\system32\smss.exe
2016-03-09 09:46:28 ----A---- C:\windows\system32\schannel.dll
2016-03-09 09:46:28 ----A---- C:\windows\system32\rpcrt4.dll
2016-03-09 09:46:28 ----A---- C:\windows\system32\drivers\mrxsmb.sys
2016-03-09 09:46:27 ----A---- C:\windows\system32\wow64win.dll
2016-03-09 09:46:27 ----A---- C:\windows\system32\msv1_0.dll
2016-03-09 09:46:27 ----A---- C:\windows\system32\drivers\mrxsmb10.sys
2016-03-09 09:46:26 ----A---- C:\windows\SYSWOW64\sspicli.dll
2016-03-09 09:46:26 ----A---- C:\windows\SYSWOW64\schannel.dll
2016-03-09 09:46:26 ----A---- C:\windows\SYSWOW64\msv1_0.dll
2016-03-09 09:46:26 ----A---- C:\windows\system32\wow64.dll
2016-03-09 09:46:26 ----A---- C:\windows\system32\winsrv.dll
2016-03-09 09:46:26 ----A---- C:\windows\system32\wdigest.dll
2016-03-09 09:46:26 ----A---- C:\windows\system32\TSpkg.dll
2016-03-09 09:46:26 ----A---- C:\windows\system32\sspicli.dll
2016-03-09 09:46:26 ----A---- C:\windows\system32\srcore.dll
2016-03-09 09:46:26 ----A---- C:\windows\system32\ncrypt.dll
2016-03-09 09:46:26 ----A---- C:\windows\system32\drivers\mrxsmb20.sys
2016-03-09 09:46:26 ----A---- C:\windows\system32\conhost.exe
2016-03-09 09:46:25 ----A---- C:\windows\SYSWOW64\wdigest.dll
2016-03-09 09:46:25 ----A---- C:\windows\SYSWOW64\TSpkg.dll
2016-03-09 09:46:25 ----A---- C:\windows\SYSWOW64\ncrypt.dll
2016-03-09 09:46:25 ----A---- C:\windows\system32\wow64cpu.dll
2016-03-09 09:46:25 ----A---- C:\windows\system32\sspisrv.dll
2016-03-09 09:46:25 ----A---- C:\windows\system32\srclient.dll
2016-03-09 09:46:25 ----A---- C:\windows\system32\secur32.dll
2016-03-09 09:46:25 ----A---- C:\windows\system32\lsass.exe
2016-03-09 09:46:25 ----A---- C:\windows\system32\csrsrv.dll
2016-03-09 09:46:25 ----A---- C:\windows\system32\cryptbase.dll
2016-03-09 09:46:24 ----A---- C:\windows\SYSWOW64\srclient.dll
2016-03-09 09:46:24 ----A---- C:\windows\SYSWOW64\secur32.dll
2016-03-09 09:46:24 ----A---- C:\windows\SYSWOW64\kernel32.dll
2016-03-09 09:46:24 ----A---- C:\windows\SYSWOW64\cryptbase.dll
2016-03-09 09:46:24 ----A---- C:\windows\SYSWOW64\credssp.dll
2016-03-09 09:46:24 ----A---- C:\windows\system32\rstrui.exe
2016-03-09 09:46:24 ----A---- C:\windows\system32\ntvdm64.dll
2016-03-09 09:46:24 ----A---- C:\windows\system32\credssp.dll
2016-03-09 09:46:24 ----A---- C:\windows\system32\auditpol.exe
2016-03-09 09:46:23 ----A---- C:\windows\SYSWOW64\wow32.dll
2016-03-09 09:46:23 ----A---- C:\windows\SYSWOW64\ntvdm64.dll
2016-03-09 09:46:23 ----A---- C:\windows\SYSWOW64\auditpol.exe
2016-03-09 09:46:22 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-09 09:46:22 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-09 09:46:22 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-03-09 09:46:22 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-09 09:46:22 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-03-09 09:46:22 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-09 09:46:22 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-03-09 09:46:22 ----AH---- C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-09 09:46:22 ----AH---- C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-09 09:46:22 ----AH---- C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-03-09 09:46:22 ----AH---- C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-09 09:46:22 ----AH---- C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-09 09:46:22 ----AH---- C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-03-09 09:46:22 ----AH---- C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-03-09 09:46:22 ----AH---- C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-09 09:46:22 ----AH---- C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-03-09 09:46:21 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-03-09 09:46:21 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-09 09:46:21 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-03-09 09:46:21 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-09 09:46:21 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-09 09:46:21 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-03-09 09:46:21 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-09 09:46:21 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-03-09 09:46:21 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-09 09:46:21 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-03-09 09:46:21 ----AH---- C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-03-09 09:46:21 ----AH---- C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-03-09 09:46:21 ----AH---- C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-03-09 09:46:21 ----AH---- C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-03-09 09:46:21 ----AH---- C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-09 09:46:21 ----AH---- C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-03-09 09:46:21 ----AH---- C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-09 09:46:21 ----AH---- C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-09 09:46:21 ----AH---- C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-03-09 09:46:21 ----AH---- C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-09 09:46:21 ----AH---- C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-03-09 09:46:21 ----AH---- C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-03-09 09:46:20 ----AH---- C:\windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-03-09 09:46:20 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-03-09 09:46:20 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-03-09 09:46:20 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-03-09 09:46:20 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-03-09 09:46:20 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-03-09 09:46:20 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-03-09 09:46:20 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-09 09:46:20 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-03-09 09:46:20 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-03-09 09:46:20 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-03-09 09:46:20 ----AH---- C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-03-09 09:46:20 ----AH---- C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-03-09 09:46:20 ----AH---- C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-03-09 09:46:20 ----AH---- C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-09 09:46:20 ----AH---- C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-03-09 09:46:20 ----AH---- C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-03-09 09:46:20 ----AH---- C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-03-09 09:46:20 ----A---- C:\windows\SYSWOW64\user.exe
2016-03-09 09:46:20 ----A---- C:\windows\SYSWOW64\setup16.exe
2016-03-09 09:46:20 ----A---- C:\windows\SYSWOW64\instnm.exe
2016-03-09 09:46:20 ----A---- C:\windows\SYSWOW64\apisetschema.dll
2016-03-09 09:46:20 ----A---- C:\windows\system32\apisetschema.dll
2016-03-09 09:46:19 ----A---- C:\windows\SYSWOW64\msobjs.dll
2016-03-09 09:46:19 ----A---- C:\windows\SYSWOW64\msaudite.dll
2016-03-09 09:46:19 ----A---- C:\windows\SYSWOW64\adtschema.dll
2016-03-09 09:46:19 ----A---- C:\windows\system32\msobjs.dll
2016-03-09 09:46:19 ----A---- C:\windows\system32\msaudite.dll
2016-03-09 09:46:19 ----A---- C:\windows\system32\adtschema.dll
2016-03-09 09:45:37 ----A---- C:\windows\system32\mfds.dll
2016-03-09 09:45:36 ----A---- C:\windows\SYSWOW64\mfds.dll
2016-03-09 09:45:32 ----A---- C:\windows\system32\atmfd.dll
2016-03-09 09:45:31 ----A---- C:\windows\SYSWOW64\atmfd.dll
2016-03-09 09:45:31 ----A---- C:\windows\system32\lpk.dll
2016-03-09 09:45:30 ----A---- C:\windows\SYSWOW64\fontsub.dll
2016-03-09 09:45:30 ----A---- C:\windows\system32\fontsub.dll
2016-03-09 09:45:30 ----A---- C:\windows\system32\dciman32.dll
2016-03-09 09:45:30 ----A---- C:\windows\system32\atmlib.dll
2016-03-09 09:45:29 ----A---- C:\windows\SYSWOW64\lpk.dll
2016-03-09 09:45:29 ----A---- C:\windows\SYSWOW64\dciman32.dll
2016-03-09 09:45:29 ----A---- C:\windows\SYSWOW64\atmlib.dll
2016-03-09 09:45:18 ----A---- C:\windows\system32\generaltel.dll
2016-03-09 09:45:18 ----A---- C:\windows\system32\appraiser.dll
2016-03-09 09:45:18 ----A---- C:\windows\system32\aeinv.dll
2016-03-09 09:45:17 ----A---- C:\windows\system32\invagent.dll
2016-03-09 09:45:17 ----A---- C:\windows\system32\devinv.dll
2016-03-09 09:45:17 ----A---- C:\windows\system32\CompatTelRunner.exe
2016-03-09 09:45:17 ----A---- C:\windows\system32\acmigration.dll
2016-03-06 13:48:09 ----D---- C:\AdwCleaner
2016-03-06 12:53:30 ----A---- C:\windows\SYSWOW64\javaws.exe
2016-03-06 12:37:57 ----A---- C:\windows\SYSWOW64\WindowsAccessBridge-64.dll
2016-03-06 12:33:39 ----A---- C:\windows\SYSWOW64\WindowsAccessBridge-32.dll
2016-03-03 20:44:20 ----D---- C:\ProgramData\Adobe
2016-03-03 20:43:56 ----D---- C:\Program Files (x86)\Adobe
2016-03-03 20:43:50 ----D---- C:\windows\SYSWOW64\Adobe
2016-03-02 16:02:26 ----RD---- C:\Program Files (x86)\Skype
2016-02-27 16:24:54 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2016-02-21 23:39:39 ----D---- C:\Users\Adrianka\AppData\Roaming\Seznam Browser

======List of files/folders modified in the last 1 month======

2016-03-20 17:32:38 ----RD---- C:\Program Files
2016-03-20 17:32:33 ----D---- C:\windows\Temp
2016-03-20 17:25:26 ----A---- C:\windows\SYSWOW64\log.txt
2016-03-20 17:24:10 ----D---- C:\windows\system32\Tasks
2016-03-20 17:21:25 ----D---- C:\ProgramData\Boxtools
2016-03-20 17:20:26 ----D---- C:\windows\system32\config
2016-03-19 20:12:30 ----D---- C:\windows\System32
2016-03-19 20:12:30 ----D---- C:\windows\inf
2016-03-19 20:12:30 ----A---- C:\windows\system32\PerfStringBackup.INI
2016-03-19 16:33:24 ----SHD---- C:\System Volume Information
2016-03-19 16:20:30 ----D---- C:\ProgramData\Hewlett-Packard
2016-03-18 17:59:06 ----D---- C:\windows\winsxs
2016-03-18 17:54:10 ----D---- C:\windows\Help
2016-03-18 17:53:38 ----SHD---- C:\windows\Installer
2016-03-18 17:53:38 ----SHD---- C:\Config.Msi
2016-03-18 17:53:38 ----D---- C:\Program Files (x86)\Hewlett-Packard
2016-03-18 17:53:21 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-03-18 17:53:09 ----RSD---- C:\windows\assembly
2016-03-18 17:47:34 ----RSD---- C:\windows\Fonts
2016-03-18 17:46:04 ----D---- C:\swsetup
2016-03-18 16:30:31 ----D---- C:\ProgramData\PDFC
2016-03-17 06:15:15 ----D---- C:\windows\AppCompat
2016-03-16 21:21:21 ----SD---- C:\windows\system32\GWX
2016-03-16 21:21:16 ----D---- C:\windows\Logs
2016-03-16 21:14:03 ----D---- C:\windows\Tasks
2016-03-16 21:09:48 ----RD---- C:\Program Files (x86)
2016-03-16 12:55:24 ----D---- C:\ProgramData\Microsoft Help
2016-03-16 09:37:18 ----D---- C:\windows\system32\DriverStore
2016-03-16 09:37:16 ----D---- C:\windows\system32\drivers
2016-03-16 08:23:58 ----D---- C:\windows\SysWOW64
2016-03-16 08:21:04 ----D---- C:\Windows
2016-03-16 07:47:22 ----D---- C:\windows\SoftwareDistribution
2016-03-16 07:47:20 ----D---- C:\windows\SYSWOW64\drivers
2016-03-15 20:38:05 ----HD---- C:\ProgramData
2016-03-13 13:28:07 ----D---- C:\Users\Adrianka\AppData\Roaming\BSplayer
2016-03-11 10:45:14 ----D---- C:\windows\system32\catroot2
2016-03-09 14:31:10 ----D---- C:\windows\Microsoft.NET
2016-03-09 13:57:37 ----D---- C:\windows\SYSWOW64\en-US
2016-03-09 13:57:37 ----D---- C:\windows\SYSWOW64\cs-CZ
2016-03-09 13:57:37 ----D---- C:\windows\system32\cs-CZ
2016-03-09 13:57:37 ----D---- C:\Program Files\Internet Explorer
2016-03-09 13:57:36 ----D---- C:\windows\system32\en-US
2016-03-09 13:57:35 ----D---- C:\Program Files (x86)\Internet Explorer
2016-03-09 13:57:30 ----D---- C:\windows\AppPatch
2016-03-09 12:21:29 ----D---- C:\windows\system32\appraiser
2016-03-06 12:54:10 ----D---- C:\ProgramData\Oracle
2016-03-06 12:53:53 ----D---- C:\Program Files (x86)\Java
2016-03-06 12:37:49 ----D---- C:\Program Files\Java
2016-03-06 12:37:08 ----D---- C:\Program Files (x86)\Common Files
2016-03-06 12:35:44 ----A---- C:\windows\system32\WindowsAccessBridge-64.dll
2016-03-03 20:44:31 ----D---- C:\windows\Downloaded Program Files
2016-03-03 20:44:20 ----D---- C:\Users\Adrianka\AppData\Roaming\Adobe
2016-03-02 22:46:37 ----A---- C:\windows\win.ini
2016-03-02 16:02:33 ----D---- C:\ProgramData\Skype
2016-03-02 15:54:49 ----A---- C:\windows\SYSWOW64\PerfStringBackup.INI
2016-03-01 08:29:29 ----D---- C:\windows\AutoKMS
2016-02-29 21:19:07 ----D---- C:\windows\system32\catroot
2016-02-29 15:59:14 ----D---- C:\Program Files\Microsoft Security Client
2016-02-29 15:59:14 ----D---- C:\Program Files (x86)\Microsoft Security Client
2016-02-29 07:04:42 ----SD---- C:\Users\Adrianka\AppData\Roaming\Microsoft
2016-02-29 06:40:57 ----D---- C:\Program Files\Microsoft Silverlight
2016-02-29 06:40:55 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2016-02-28 17:21:17 ----D---- C:\Program Files (x86)\Opera
2016-02-26 21:44:40 ----SD---- C:\windows\SYSWOW64\GWX
2016-02-21 23:42:54 ----D---- C:\Program Files\Common Files\Apple
2016-02-21 23:36:59 ----DC---- C:\windows\system32\DRVSTORE
2016-02-21 23:25:06 ----D---- C:\The KMPlayer
2016-02-21 23:20:32 ----D---- C:\Program Files (x86)\Google

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\windows\system32\drivers\aswRvrt.sys [2016-03-11 74544]
R0 aswVmm;avast! VM Monitor; C:\windows\system32\drivers\aswVmm.sys [2016-03-11 287016]
R0 hpdskflt;HP Filter; C:\windows\system32\DRIVERS\hpdskflt.sys [2011-01-27 30008]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2011-01-13 439320]
R0 MfeEpePc;MfeEpePc; C:\windows\system32\drivers\MfeEpePc.sys [2011-02-09 168008]
R0 MpFilter;Microsoft Malware Protection Driver; C:\windows\system32\DRIVERS\MpFilter.sys [2015-11-13 289120]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr2.sys [2016-03-11 103064]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2016-03-11 1070904]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2016-03-11 463744]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-10-20 283200]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\windows\system32\drivers\aswHwid.sys [2016-03-11 37656]
R2 aswMonFlt;aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [2016-03-11 107792]
R2 aswStm;aswStm; C:\windows\system32\drivers\aswStm.sys [2016-03-11 165344]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\windows\system32\DRIVERS\Accelerometer.sys [2011-01-27 43320]
R3 Afc;PPdus ASPI Shell; C:\windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2011-10-14 10496000]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2011-10-14 326656]
R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver; C:\windows\system32\DRIVERS\ArcSoftVCapture.sys [2010-11-11 32192]
R3 BTMUSB;Motorola Bluetooth Radio Service; C:\windows\System32\Drivers\btmusb.sys [2011-02-09 486144]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\drivers\HpqKbFiltr.sys [2010-12-03 25912]
R3 intelkmd;intelkmd; C:\windows\system32\DRIVERS\igdpmd64.sys [2011-09-01 12306848]
R3 JMCR;JMCR; C:\windows\system32\DRIVERS\jmcr.sys [2011-01-31 174168]
R3 MEIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 NisDrv;Microsoft Network Inspection System; C:\windows\system32\DRIVERS\NisDrvWFP.sys [2015-11-13 133816]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\windows\system32\DRIVERS\nusb3hub.sys [2010-12-10 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\windows\system32\DRIVERS\nusb3xhc.sys [2010-12-10 181248]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2010-11-30 406632]
R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver; C:\windows\system32\DRIVERS\rtl8192Ce.sys [2011-07-19 1145448]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\windows\system32\DRIVERS\snp2uvc.sys [2010-12-21 1826048]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10301; C:\windows\system32\DRIVERS\stwrt64.sys [2011-01-27 520192]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\drivers\SynTP.sys [2011-02-04 1413680]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2012-01-02 80384]
S3 btmaudio;Motorola Bluetooth Audio Service; C:\windows\system32\drivers\btmaud.sys [2010-10-14 43008]
S3 BTMCOM;Bluetooth Serial Port; C:\windows\System32\Drivers\btmcom.sys [2010-06-30 52736]
S3 DAMDrv;DAMDrv; C:\windows\system32\DRIVERS\DAMDrv64.sys [2011-05-10 64312]
S3 EsgScanner;EsgScanner; C:\windows\system32\DRIVERS\EsgScanner.sys [2016-01-30 22704]
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2011-09-01 12306848]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 sdbus;sdbus; C:\windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 USBAAPL64;Apple Mobile USB Driver; C:\windows\System32\Drivers\usbaapl64.sys [2014-08-15 54784]
S3 WinUsb;WinUsb; C:\windows\system32\drivers\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-03-11 237096]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\windows\System32\svchost.exe [2009-07-14 27136]
R2 HP Power Assistant Service;HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2011-01-27 131128]
R2 HPDayStarterService;HP DayStarter Service; c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [2011-01-28 133688]
R2 HPFSService;File Sanitizer for HP ProtectTools; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2011-02-07 320000]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [2011-01-29 281656]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2011-01-27 30520]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-26 13336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-01-17 326168]
R2 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [2011-02-09 1318912]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2016-01-29 23808]
R2 PdiService;Portrait Displays SDK Service; C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2011-01-18 113264]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-08-14 39056]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe [2011-01-27 296448]
R2 uArcCapture;ArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [2010-11-11 502464]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-01-17 2656280]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\windows\system32\vcsFPService.exe [2011-01-22 3154224]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 hpCMSrv;HP Connection Manager 4 Service; c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-04-05 1094712]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2015-04-28 1102472]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2016-01-29 374344]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-21 154440]
S2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2015-12-20 26168]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-16 269504]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S3 DpHost;@c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2011-02-12 481104]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing; c:\Windows\SysWOW64\flcdlock.exe [2011-05-10 464440]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-02-07 1028096]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-02-07 647680]
S3 GDOCService;gDoc PDF Service; C:\Users\Adrianka\Desktop\MWFSrv.exe []
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-21 154440]
S3 HP ProtectTools Service;HP ProtectTools Service; c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [2011-01-12 36864]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2016-02-08 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2012-09-14 1255736]
S4 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2011-10-14 204288]
S4 Bluetooth Device Manager;Bluetooth Device Manager; C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe [2011-02-09 4151376]
S4 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files\Motorola\Bluetooth\audiosrv.exe [2011-03-01 1189968]
S4 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files\Motorola\Bluetooth\obexsrv.exe [2011-02-16 680016]
S4 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-02-01 1127448]

-----------------EOF-----------------

[Rudy]

Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:

:files
C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineCore1d16cf5b267b9b1.job
C:\windows\tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1701670353-1839004531-336993662-1001.job
C:\windows\tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1701670353-1839004531-336993662-1001.job
C:\windows\AutoKMS.exe

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]/64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoKMS]/64
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-

:commands
[Purity]
[Emptytemp]
[Emptyflash]

a klikněte na >MoveIt!<. Před skenem vypněte antivir a po něm restartujte PC. Dejte nový log RSIT.

[NovOn11]

Logfile of random's system information tool 1.10 (written by random/random)
Run by Adrianka at 2016-03-20 20:16:00
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 186 GB (41%) free of 455 GB
Total RAM: 4030 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:17:15, on 20.3.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18231)
Boot mode: Normal

Running processes:
c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe
C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
C:\ProgramData\Boxtools\Toolbox.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\Real\RealPlayer\RealPlay.exe
C:\Program Files\trend micro\Adrianka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe /start
O4 - HKLM\..\Run: [File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [NUSB3MON] "c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [DTRun] c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe
O4 - HKLM\..\Run: [HPConnectionManager] c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [Boxoft Tools] "C:\ProgramData\Boxtools\Boxofttoolbox.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra button: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-247 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-247 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - https://fpdownload.macromedia.com/pub/s ... tor/sw.cab
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 82.163.142.7 95.211.158.134
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 82.163.142.7 95.211.158.134
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 82.163.142.7 95.211.158.134
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs:
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Company - c:\Windows\SysWOW64\flcdlock.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: gDoc PDF Service (GDOCService) - Unknown owner - C:\Users\Adrianka\Desktop\MWFSrv.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company L.P. - c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP DayStarter Service (HPDayStarterService) - Hewlett-Packard Company - c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Endpoint Encryption Agent - Unknown owner - C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: XobniService - Xobni Corporation - C:\Program Files (x86)\Xobni\XobniService.exe

--
End of file - 15893 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe"
C:\windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"

C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\Hpservice.exe
C:\windows\system32\vcsFPService.exe
C:\windows\system32\svchost.exe -k NetworkService
"C:\windows\system32\Dwm.exe"
"c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\windows\Explorer.EXE
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
taskeng.exe {3083B844-C23B-4A42-8E72-E7300E590B0A}
"taskhost.exe"
"C:\Program Files\IDT\WDM\AESTSr64.exe"
C:\windows\System32\svchost.exe -k utcsvc
"c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe"
"C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe"
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe"
taskeng.exe {C17AEE8E-E28F-411A-B04C-B39F53E69D06}
"C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe" /logoncheck
"C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe"
C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2588
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
C:\windows\servicing\TrustedInstaller.exe
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\windows\system32\GWX\GWXConfigManager.exe /RefreshConfigAndContent
taskeng.exe {D959F00F-A494-4621-9C00-E32B1582DBE2}
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe" /taskrestart
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe"
"C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe" silentrun
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files\File Association Helper\FAHWindow.exe" register
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
"C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" /start
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe"
"C:\ProgramData\Boxtools\Toolbox.exe" -autorun
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
C:\windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
-Minimized
"C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files\AVAST Software\Avast\avBugReport.exe" --send dumps|report
\??\C:\windows\system32\conhost.exe "-951482534662052376-20778197081100604438-1951127041758890040-1839956191-895165525
C:\windows\system32\GWX\GWX.exe /updateconfig
"C:\Users\Adrianka\Desktop\RSITx64.exe"
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\sppsvc.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Real\RealPlayer\RealPlay.exe" /runevent "C:\Program Files (x86)\Real\RealPlayer\rpwa3260.dll" WatchFolders_Timer
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe" /hidden
"c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe"
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe"

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player PPAPI Notifier.job - C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_306_pepper.exe -check pepperplugin
C:\windows\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\windows\tasks\avast! Emergency Update.job - C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
C:\windows\tasks\XboxStatTask.job - C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe silentrun

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_73\bin\ssv.dll [2016-03-06 551520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-03-11 901600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-03-06 212576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
File Sanitizer for HP ProtectTools - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2011-02-07 117248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-03-06 460384]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-03-11 678656]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-03-06 172640]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2015-12-20 414920]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HPPowerAssistant"=C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe [2011-01-27 13880]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-02-04 2679592]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2011-09-01 167704]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2011-09-01 392472]
"Persistence"=C:\windows\system32\igfxpers.exe [2011-09-01 416024]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2011-01-27 835072]
"MfeEpePcMonitor"=C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe [2011-02-09 200704]
"XboxStat"=C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [2009-09-30 825184]
"FAHConsole"=C:\Program Files\File Association Helper\FAHConsole.exe [2014-01-28 729272]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2016-01-29 1340192]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OfficeSyncProcess"=C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [2015-09-02 721504]
"Boxoft Tools"=C:\ProgramData\Boxtools\Boxofttoolbox.exe [2010-12-15 514048]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2015-02-13 60712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BTMTrayAgent]
C:\Program Files\Motorola\Bluetooth\btmshell.dll [2011-02-16 21709904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPQuickWebProxy]
c:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [2011-11-10 169528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files (x86)\iTunes\iTunesHelper.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSC]
c:\Program Files\Microsoft Security Client\msseces.exe [2016-01-29 1340192]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDF Complete]
C:\Program Files (x86)\PDF Complete\pdfsty.exe [2011-02-01 656920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [2011-01-29 299576]
"File Sanitizer"=C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [2011-02-07 12274688]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-01-26 283160]
"NUSB3MON"=c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-11-17 113288]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-10-14 343168]
"DTRun"=c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe [2010-11-24 517456]
"HPConnectionManager"=c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2011-04-05 94264]
""= []
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2015-02-13 60712]
"Wondershare Helper Compact.exe"=C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2013-07-25 1985824]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-03-19 7139256]
"TkBellExe"=C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2014-12-17 295512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2011-09-01 390144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=EpePcNp64
DPPassFilter
scecli

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-03-20 19:59:04 ----D---- C:\_OTM
2016-03-20 17:32:38 ----D---- C:\rsit
2016-03-20 17:32:38 ----D---- C:\Program Files\trend micro
2016-03-16 21:09:48 ----D---- C:\Program Files (x86)\AdwCleaner
2016-03-16 07:47:49 ----A---- C:\windows\system32\drivers\volsnap.sys
2016-03-15 20:20:16 ----D---- C:\FRST
2016-03-11 08:02:13 ----A---- C:\windows\system32\aswBoot.exe
2016-03-11 08:01:08 ----A---- C:\windows\avastSS.scr
2016-03-09 09:48:33 ----A---- C:\windows\system32\drivers\USBSTOR.SYS
2016-03-09 09:48:27 ----A---- C:\windows\system32\seclogon.dll
2016-03-09 09:48:26 ----A---- C:\windows\SYSWOW64\ucrtbase.dll
2016-03-09 09:48:26 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-03-09 09:48:26 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-09 09:48:26 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-09 09:48:26 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-03-09 09:48:26 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-03-09 09:48:26 ----A---- C:\windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2016-03-09 09:48:26 ----A---- C:\windows\system32\ucrtbase.dll
2016-03-09 09:48:26 ----A---- C:\windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-03-09 09:48:26 ----A---- C:\windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-09 09:48:26 ----A---- C:\windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-09 09:48:26 ----A---- C:\windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-03-09 09:48:26 ----A---- C:\windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-03-09 09:48:26 ----A---- C:\windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-03-09 09:48:25 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-03-09 09:48:25 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-03-09 09:48:25 ----A---- C:\windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-03-09 09:48:25 ----A---- C:\windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-03-09 09:48:24 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-03-09 09:48:24 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-03-09 09:48:24 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-03-09 09:48:24 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-09 09:48:24 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-03-09 09:48:24 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-03-09 09:48:24 ----A---- C:\windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-03-09 09:48:24 ----A---- C:\windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-03-09 09:48:24 ----A---- C:\windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-03-09 09:48:24 ----A---- C:\windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-03-09 09:48:24 ----A---- C:\windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-03-09 09:48:24 ----A---- C:\windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-03-09 09:48:24 ----A---- C:\windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-03-09 09:48:24 ----A---- C:\windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-09 09:48:24 ----A---- C:\windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-03-09 09:48:24 ----A---- C:\windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-03-09 09:48:24 ----A---- C:\windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-03-09 09:48:23 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-09 09:48:23 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-03-09 09:48:23 ----A---- C:\windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-09 09:48:23 ----A---- C:\windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2016-03-09 09:48:23 ----A---- C:\windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-03-09 09:48:23 ----A---- C:\windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-09 09:48:23 ----A---- C:\windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-03-09 09:48:23 ----A---- C:\windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-03-09 09:48:23 ----A---- C:\windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-03-09 09:48:23 ----A---- C:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-03-09 09:48:23 ----A---- C:\windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-09 09:48:22 ----A---- C:\windows\system32\win32k.sys
2016-03-09 09:48:20 ----A---- C:\windows\SYSWOW64\wuwebv.dll
2016-03-09 09:48:20 ----A---- C:\windows\SYSWOW64\wuapi.dll
2016-03-09 09:48:20 ----A---- C:\windows\system32\wuwebv.dll
2016-03-09 09:48:20 ----A---- C:\windows\system32\wudriver.dll
2016-03-09 09:48:20 ----A---- C:\windows\system32\wucltux.dll
2016-03-09 09:48:20 ----A---- C:\windows\system32\wuaueng.dll
2016-03-09 09:48:20 ----A---- C:\windows\system32\wuapi.dll
2016-03-09 09:48:19 ----A---- C:\windows\SYSWOW64\wups.dll
2016-03-09 09:48:19 ----A---- C:\windows\SYSWOW64\wudriver.dll
2016-03-09 09:48:19 ----A---- C:\windows\SYSWOW64\wuapp.exe
2016-03-09 09:48:19 ----A---- C:\windows\system32\wups2.dll
2016-03-09 09:48:19 ----A---- C:\windows\system32\wups.dll
2016-03-09 09:48:19 ----A---- C:\windows\system32\wuauclt.exe
2016-03-09 09:48:19 ----A---- C:\windows\system32\wuapp.exe
2016-03-09 09:48:19 ----A---- C:\windows\system32\wu.upgrade.ps.dll
2016-03-09 09:48:19 ----A---- C:\windows\system32\WinSetupUI.dll
2016-03-09 09:48:14 ----A---- C:\windows\system32\drivers\ntfs.sys
2016-03-09 09:48:12 ----A---- C:\windows\system32\oleaut32.dll
2016-03-09 09:48:11 ----A---- C:\windows\SYSWOW64\oleaut32.dll
2016-03-09 09:48:10 ----A---- C:\windows\SYSWOW64\asycfilt.dll
2016-03-09 09:48:10 ----A---- C:\windows\system32\asycfilt.dll
2016-03-09 09:48:04 ----A---- C:\windows\SYSWOW64\iernonce.dll
2016-03-09 09:48:04 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2016-03-09 09:48:04 ----A---- C:\windows\system32\iertutil.dll
2016-03-09 09:48:02 ----A---- C:\windows\SYSWOW64\inseng.dll
2016-03-09 09:48:02 ----A---- C:\windows\system32\iernonce.dll
2016-03-09 09:48:02 ----A---- C:\windows\system32\ieetwcollector.exe
2016-03-09 09:48:01 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2016-03-09 09:48:01 ----A---- C:\windows\system32\ieetwproxystub.dll
2016-03-09 09:48:00 ----A---- C:\windows\SYSWOW64\vbscript.dll
2016-03-09 09:48:00 ----A---- C:\windows\SYSWOW64\urlmon.dll
2016-03-09 09:48:00 ----A---- C:\windows\SYSWOW64\occache.dll
2016-03-09 09:48:00 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-03-09 09:48:00 ----A---- C:\windows\SYSWOW64\iertutil.dll
2016-03-09 09:48:00 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2016-03-09 09:48:00 ----A---- C:\windows\system32\inseng.dll
2016-03-09 09:48:00 ----A---- C:\windows\system32\ie4uinit.exe
2016-03-09 09:47:59 ----A---- C:\windows\SYSWOW64\mshtml.dll
2016-03-09 09:47:59 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2016-03-09 09:47:59 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2016-03-09 09:47:59 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2016-03-09 09:47:58 ----A---- C:\windows\SYSWOW64\iesetup.dll
2016-03-09 09:47:58 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2016-03-09 09:47:57 ----A---- C:\windows\SYSWOW64\jscript.dll
2016-03-09 09:47:57 ----A---- C:\windows\system32\urlmon.dll
2016-03-09 09:47:57 ----A---- C:\windows\system32\occache.dll
2016-03-09 09:47:57 ----A---- C:\windows\system32\ieetwcollectorres.dll
2016-03-09 09:47:57 ----A---- C:\windows\system32\iedkcs32.dll
2016-03-09 09:47:56 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2016-03-09 09:47:56 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2016-03-09 09:47:56 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2016-03-09 09:47:55 ----A---- C:\windows\SYSWOW64\ieui.dll
2016-03-09 09:47:55 ----A---- C:\windows\SYSWOW64\ieframe.dll
2016-03-09 09:47:55 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2016-03-09 09:47:55 ----A---- C:\windows\system32\msfeeds.dll
2016-03-09 09:47:55 ----A---- C:\windows\system32\dxtrans.dll
2016-03-09 09:47:54 ----A---- C:\windows\system32\iesetup.dll
2016-03-09 09:47:54 ----A---- C:\windows\system32\ieapfltr.dll
2016-03-09 09:47:53 ----A---- C:\windows\SYSWOW64\webcheck.dll
2016-03-09 09:47:53 ----A---- C:\windows\SYSWOW64\mshtmlmedia.dll
2016-03-09 09:47:53 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2016-03-09 09:47:52 ----A---- C:\windows\SYSWOW64\wininet.dll
2016-03-09 09:47:52 ----A---- C:\windows\SYSWOW64\jscript9.dll
2016-03-09 09:47:52 ----A---- C:\windows\system32\vbscript.dll
2016-03-09 09:47:52 ----A---- C:\windows\system32\jsproxy.dll
2016-03-09 09:47:51 ----A---- C:\windows\SYSWOW64\msrating.dll
2016-03-09 09:47:51 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2016-03-09 09:47:51 ----A---- C:\windows\system32\ieui.dll
2016-03-09 09:47:51 ----A---- C:\windows\system32\dxtmsft.dll
2016-03-09 09:47:50 ----A---- C:\windows\system32\mshtmled.dll
2016-03-09 09:47:50 ----A---- C:\windows\system32\ieframe.dll
2016-03-09 09:47:49 ----A---- C:\windows\system32\webcheck.dll
2016-03-09 09:47:49 ----A---- C:\windows\system32\mshtmlmedia.dll
2016-03-09 09:47:49 ----A---- C:\windows\system32\jscript9diag.dll
2016-03-09 09:47:49 ----A---- C:\windows\system32\jscript.dll
2016-03-09 09:47:49 ----A---- C:\windows\system32\ieUnatt.exe
2016-03-09 09:47:48 ----A---- C:\windows\system32\wininet.dll
2016-03-09 09:47:48 ----A---- C:\windows\system32\jscript9.dll
2016-03-09 09:47:47 ----A---- C:\windows\system32\msrating.dll
2016-03-09 09:47:47 ----A---- C:\windows\system32\MshtmlDac.dll
2016-03-09 09:47:46 ----A---- C:\windows\system32\mshtml.dll
2016-03-09 09:46:36 ----A---- C:\windows\system32\ntoskrnl.exe
2016-03-09 09:46:36 ----A---- C:\windows\system32\ntdll.dll
2016-03-09 09:46:34 ----A---- C:\windows\SYSWOW64\ntdll.dll
2016-03-09 09:46:34 ----A---- C:\windows\system32\KernelBase.dll
2016-03-09 09:46:34 ----A---- C:\windows\system32\kerberos.dll
2016-03-09 09:46:33 ----A---- C:\windows\SYSWOW64\ntoskrnl.exe
2016-03-09 09:46:32 ----A---- C:\windows\SYSWOW64\ntkrnlpa.exe
2016-03-09 09:46:31 ----A---- C:\windows\system32\kernel32.dll
2016-03-09 09:46:30 ----A---- C:\windows\SYSWOW64\KernelBase.dll
2016-03-09 09:46:30 ----A---- C:\windows\SYSWOW64\kerberos.dll
2016-03-09 09:46:30 ----A---- C:\windows\SYSWOW64\advapi32.dll
2016-03-09 09:46:30 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2016-03-09 09:46:30 ----A---- C:\windows\system32\advapi32.dll
2016-03-09 09:46:29 ----A---- C:\windows\system32\lsasrv.dll
2016-03-09 09:46:29 ----A---- C:\windows\system32\drivers\ksecdd.sys
2016-03-09 09:46:28 ----A---- C:\windows\SYSWOW64\rpcrt4.dll
2016-03-09 09:46:28 ----A---- C:\windows\system32\smss.exe
2016-03-09 09:46:28 ----A---- C:\windows\system32\schannel.dll
2016-03-09 09:46:28 ----A---- C:\windows\system32\rpcrt4.dll
2016-03-09 09:46:28 ----A---- C:\windows\system32\drivers\mrxsmb.sys
2016-03-09 09:46:27 ----A---- C:\windows\system32\wow64win.dll
2016-03-09 09:46:27 ----A---- C:\windows\system32\msv1_0.dll
2016-03-09 09:46:27 ----A---- C:\windows\system32\drivers\mrxsmb10.sys
2016-03-09 09:46:26 ----A---- C:\windows\SYSWOW64\sspicli.dll
2016-03-09 09:46:26 ----A---- C:\windows\SYSWOW64\schannel.dll
2016-03-09 09:46:26 ----A---- C:\windows\SYSWOW64\msv1_0.dll
2016-03-09 09:46:26 ----A---- C:\windows\system32\wow64.dll
2016-03-09 09:46:26 ----A---- C:\windows\system32\winsrv.dll
2016-03-09 09:46:26 ----A---- C:\windows\system32\wdigest.dll
2016-03-09 09:46:26 ----A---- C:\windows\system32\TSpkg.dll
2016-03-09 09:46:26 ----A---- C:\windows\system32\sspicli.dll
2016-03-09 09:46:26 ----A---- C:\windows\system32\srcore.dll
2016-03-09 09:46:26 ----A---- C:\windows\system32\ncrypt.dll
2016-03-09 09:46:26 ----A---- C:\windows\system32\drivers\mrxsmb20.sys
2016-03-09 09:46:26 ----A---- C:\windows\system32\conhost.exe
2016-03-09 09:46:25 ----A---- C:\windows\SYSWOW64\wdigest.dll
2016-03-09 09:46:25 ----A---- C:\windows\SYSWOW64\TSpkg.dll
2016-03-09 09:46:25 ----A---- C:\windows\SYSWOW64\ncrypt.dll
2016-03-09 09:46:25 ----A---- C:\windows\system32\wow64cpu.dll
2016-03-09 09:46:25 ----A---- C:\windows\system32\sspisrv.dll
2016-03-09 09:46:25 ----A---- C:\windows\system32\srclient.dll
2016-03-09 09:46:25 ----A---- C:\windows\system32\secur32.dll
2016-03-09 09:46:25 ----A---- C:\windows\system32\lsass.exe
2016-03-09 09:46:25 ----A---- C:\windows\system32\csrsrv.dll
2016-03-09 09:46:25 ----A---- C:\windows\system32\cryptbase.dll
2016-03-09 09:46:24 ----A---- C:\windows\SYSWOW64\srclient.dll
2016-03-09 09:46:24 ----A---- C:\windows\SYSWOW64\secur32.dll
2016-03-09 09:46:24 ----A---- C:\windows\SYSWOW64\kernel32.dll
2016-03-09 09:46:24 ----A---- C:\windows\SYSWOW64\cryptbase.dll
2016-03-09 09:46:24 ----A---- C:\windows\SYSWOW64\credssp.dll
2016-03-09 09:46:24 ----A---- C:\windows\system32\rstrui.exe
2016-03-09 09:46:24 ----A---- C:\windows\system32\ntvdm64.dll
2016-03-09 09:46:24 ----A---- C:\windows\system32\credssp.dll
2016-03-09 09:46:24 ----A---- C:\windows\system32\auditpol.exe
2016-03-09 09:46:23 ----A---- C:\windows\SYSWOW64\wow32.dll
2016-03-09 09:46:23 ----A---- C:\windows\SYSWOW64\ntvdm64.dll
2016-03-09 09:46:23 ----A---- C:\windows\SYSWOW64\auditpol.exe
2016-03-09 09:46:22 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-09 09:46:22 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-09 09:46:22 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-03-09 09:46:22 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-09 09:46:22 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-03-09 09:46:22 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-09 09:46:22 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-03-09 09:46:22 ----AH---- C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-09 09:46:22 ----AH---- C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-09 09:46:22 ----AH---- C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-03-09 09:46:22 ----AH---- C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-09 09:46:22 ----AH---- C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-09 09:46:22 ----AH---- C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-03-09 09:46:22 ----AH---- C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-03-09 09:46:22 ----AH---- C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-09 09:46:22 ----AH---- C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-03-09 09:46:21 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-03-09 09:46:21 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-09 09:46:21 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-03-09 09:46:21 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-09 09:46:21 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-09 09:46:21 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-03-09 09:46:21 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-09 09:46:21 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-03-09 09:46:21 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-09 09:46:21 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-03-09 09:46:21 ----AH---- C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-03-09 09:46:21 ----AH---- C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-03-09 09:46:21 ----AH---- C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-03-09 09:46:21 ----AH---- C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-03-09 09:46:21 ----AH---- C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-09 09:46:21 ----AH---- C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-03-09 09:46:21 ----AH---- C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-09 09:46:21 ----AH---- C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-09 09:46:21 ----AH---- C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-03-09 09:46:21 ----AH---- C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-09 09:46:21 ----AH---- C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-03-09 09:46:21 ----AH---- C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-03-09 09:46:20 ----AH---- C:\windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-03-09 09:46:20 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-03-09 09:46:20 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-03-09 09:46:20 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-03-09 09:46:20 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-03-09 09:46:20 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-03-09 09:46:20 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-03-09 09:46:20 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-09 09:46:20 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-03-09 09:46:20 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-03-09 09:46:20 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-03-09 09:46:20 ----AH---- C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-03-09 09:46:20 ----AH---- C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-03-09 09:46:20 ----AH---- C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-03-09 09:46:20 ----AH---- C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-09 09:46:20 ----AH---- C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-03-09 09:46:20 ----AH---- C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-03-09 09:46:20 ----AH---- C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-03-09 09:46:20 ----A---- C:\windows\SYSWOW64\user.exe
2016-03-09 09:46:20 ----A---- C:\windows\SYSWOW64\setup16.exe
2016-03-09 09:46:20 ----A---- C:\windows\SYSWOW64\instnm.exe
2016-03-09 09:46:20 ----A---- C:\windows\SYSWOW64\apisetschema.dll
2016-03-09 09:46:20 ----A---- C:\windows\system32\apisetschema.dll
2016-03-09 09:46:19 ----A---- C:\windows\SYSWOW64\msobjs.dll
2016-03-09 09:46:19 ----A---- C:\windows\SYSWOW64\msaudite.dll
2016-03-09 09:46:19 ----A---- C:\windows\SYSWOW64\adtschema.dll
2016-03-09 09:46:19 ----A---- C:\windows\system32\msobjs.dll
2016-03-09 09:46:19 ----A---- C:\windows\system32\msaudite.dll
2016-03-09 09:46:19 ----A---- C:\windows\system32\adtschema.dll
2016-03-09 09:45:37 ----A---- C:\windows\system32\mfds.dll
2016-03-09 09:45:36 ----A---- C:\windows\SYSWOW64\mfds.dll
2016-03-09 09:45:32 ----A---- C:\windows\system32\atmfd.dll
2016-03-09 09:45:31 ----A---- C:\windows\SYSWOW64\atmfd.dll
2016-03-09 09:45:31 ----A---- C:\windows\system32\lpk.dll
2016-03-09 09:45:30 ----A---- C:\windows\SYSWOW64\fontsub.dll
2016-03-09 09:45:30 ----A---- C:\windows\system32\fontsub.dll
2016-03-09 09:45:30 ----A---- C:\windows\system32\dciman32.dll
2016-03-09 09:45:30 ----A---- C:\windows\system32\atmlib.dll
2016-03-09 09:45:29 ----A---- C:\windows\SYSWOW64\lpk.dll
2016-03-09 09:45:29 ----A---- C:\windows\SYSWOW64\dciman32.dll
2016-03-09 09:45:29 ----A---- C:\windows\SYSWOW64\atmlib.dll
2016-03-09 09:45:18 ----A---- C:\windows\system32\generaltel.dll
2016-03-09 09:45:18 ----A---- C:\windows\system32\appraiser.dll
2016-03-09 09:45:18 ----A---- C:\windows\system32\aeinv.dll
2016-03-09 09:45:17 ----A---- C:\windows\system32\invagent.dll
2016-03-09 09:45:17 ----A---- C:\windows\system32\devinv.dll
2016-03-09 09:45:17 ----A---- C:\windows\system32\CompatTelRunner.exe
2016-03-09 09:45:17 ----A---- C:\windows\system32\acmigration.dll
2016-03-06 13:48:09 ----D---- C:\AdwCleaner
2016-03-06 12:53:30 ----A---- C:\windows\SYSWOW64\javaws.exe
2016-03-06 12:37:57 ----A---- C:\windows\SYSWOW64\WindowsAccessBridge-64.dll
2016-03-06 12:33:39 ----A---- C:\windows\SYSWOW64\WindowsAccessBridge-32.dll
2016-03-03 20:44:20 ----D---- C:\ProgramData\Adobe
2016-03-03 20:43:56 ----D---- C:\Program Files (x86)\Adobe
2016-03-03 20:43:50 ----D---- C:\windows\SYSWOW64\Adobe
2016-03-02 16:02:26 ----RD---- C:\Program Files (x86)\Skype
2016-02-27 16:24:54 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2016-02-21 23:39:39 ----D---- C:\Users\Adrianka\AppData\Roaming\Seznam Browser

======List of files/folders modified in the last 1 month======

2016-03-20 20:16:59 ----D---- C:\windows\system32\Tasks
2016-03-20 20:16:44 ----D---- C:\windows\Temp
2016-03-20 20:16:13 ----A---- C:\windows\SYSWOW64\log.txt
2016-03-20 20:14:52 ----D---- C:\ProgramData\Boxtools
2016-03-20 20:12:10 ----D---- C:\windows\system32\config
2016-03-20 20:07:01 ----D---- C:\windows\SysWOW64
2016-03-20 19:59:15 ----D---- C:\windows\Tasks
2016-03-20 17:32:38 ----RD---- C:\Program Files
2016-03-19 20:12:30 ----D---- C:\windows\System32
2016-03-19 20:12:30 ----D---- C:\windows\inf
2016-03-19 20:12:30 ----A---- C:\windows\system32\PerfStringBackup.INI
2016-03-19 16:33:24 ----SHD---- C:\System Volume Information
2016-03-19 16:20:30 ----D---- C:\ProgramData\Hewlett-Packard
2016-03-18 17:59:06 ----D---- C:\windows\winsxs
2016-03-18 17:54:10 ----D---- C:\windows\Help
2016-03-18 17:53:38 ----SHD---- C:\windows\Installer
2016-03-18 17:53:38 ----SHD---- C:\Config.Msi
2016-03-18 17:53:38 ----D---- C:\Program Files (x86)\Hewlett-Packard
2016-03-18 17:53:21 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-03-18 17:53:09 ----RSD---- C:\windows\assembly
2016-03-18 17:47:34 ----RSD---- C:\windows\Fonts
2016-03-18 17:46:04 ----D---- C:\swsetup
2016-03-18 16:30:31 ----D---- C:\ProgramData\PDFC
2016-03-17 06:15:15 ----D---- C:\windows\AppCompat
2016-03-16 21:21:21 ----SD---- C:\windows\system32\GWX
2016-03-16 21:21:16 ----D---- C:\windows\Logs
2016-03-16 21:09:48 ----RD---- C:\Program Files (x86)
2016-03-16 12:55:24 ----D---- C:\ProgramData\Microsoft Help
2016-03-16 09:37:18 ----D---- C:\windows\system32\DriverStore
2016-03-16 09:37:16 ----D---- C:\windows\system32\drivers
2016-03-16 08:21:04 ----D---- C:\Windows
2016-03-16 07:47:22 ----D---- C:\windows\SoftwareDistribution
2016-03-16 07:47:20 ----D---- C:\windows\SYSWOW64\drivers
2016-03-15 20:38:05 ----HD---- C:\ProgramData
2016-03-13 13:28:07 ----D---- C:\Users\Adrianka\AppData\Roaming\BSplayer
2016-03-11 10:45:14 ----D---- C:\windows\system32\catroot2
2016-03-09 14:31:10 ----D---- C:\windows\Microsoft.NET
2016-03-09 13:57:37 ----D---- C:\windows\SYSWOW64\en-US
2016-03-09 13:57:37 ----D---- C:\windows\SYSWOW64\cs-CZ
2016-03-09 13:57:37 ----D---- C:\windows\system32\cs-CZ
2016-03-09 13:57:37 ----D---- C:\Program Files\Internet Explorer
2016-03-09 13:57:36 ----D---- C:\windows\system32\en-US
2016-03-09 13:57:35 ----D---- C:\Program Files (x86)\Internet Explorer
2016-03-09 13:57:30 ----D---- C:\windows\AppPatch
2016-03-09 12:21:29 ----D---- C:\windows\system32\appraiser
2016-03-06 12:54:10 ----D---- C:\ProgramData\Oracle
2016-03-06 12:53:53 ----D---- C:\Program Files (x86)\Java
2016-03-06 12:37:49 ----D---- C:\Program Files\Java
2016-03-06 12:37:08 ----D---- C:\Program Files (x86)\Common Files
2016-03-06 12:35:44 ----A---- C:\windows\system32\WindowsAccessBridge-64.dll
2016-03-03 20:44:31 ----D---- C:\windows\Downloaded Program Files
2016-03-03 20:44:20 ----D---- C:\Users\Adrianka\AppData\Roaming\Adobe
2016-03-02 22:46:37 ----A---- C:\windows\win.ini
2016-03-02 16:02:33 ----D---- C:\ProgramData\Skype
2016-03-02 15:54:49 ----A---- C:\windows\SYSWOW64\PerfStringBackup.INI
2016-03-01 08:29:29 ----D---- C:\windows\AutoKMS
2016-02-29 21:19:07 ----D---- C:\windows\system32\catroot
2016-02-29 15:59:14 ----D---- C:\Program Files\Microsoft Security Client
2016-02-29 15:59:14 ----D---- C:\Program Files (x86)\Microsoft Security Client
2016-02-29 07:04:42 ----SD---- C:\Users\Adrianka\AppData\Roaming\Microsoft
2016-02-29 06:40:57 ----D---- C:\Program Files\Microsoft Silverlight
2016-02-29 06:40:55 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2016-02-28 17:21:17 ----D---- C:\Program Files (x86)\Opera
2016-02-26 21:44:40 ----SD---- C:\windows\SYSWOW64\GWX
2016-02-21 23:42:54 ----D---- C:\Program Files\Common Files\Apple
2016-02-21 23:36:59 ----DC---- C:\windows\system32\DRVSTORE
2016-02-21 23:25:06 ----D---- C:\The KMPlayer
2016-02-21 23:20:32 ----D---- C:\Program Files (x86)\Google

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\windows\system32\drivers\aswRvrt.sys [2016-03-11 74544]
R0 aswVmm;avast! VM Monitor; C:\windows\system32\drivers\aswVmm.sys [2016-03-11 287016]
R0 hpdskflt;HP Filter; C:\windows\system32\DRIVERS\hpdskflt.sys [2011-01-27 30008]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2011-01-13 439320]
R0 MfeEpePc;MfeEpePc; C:\windows\system32\drivers\MfeEpePc.sys [2011-02-09 168008]
R0 MpFilter;Microsoft Malware Protection Driver; C:\windows\system32\DRIVERS\MpFilter.sys [2015-11-13 289120]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr2.sys [2016-03-11 103064]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2016-03-11 1070904]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2016-03-11 463744]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-10-20 283200]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\windows\system32\drivers\aswHwid.sys [2016-03-11 37656]
R2 aswMonFlt;aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [2016-03-11 107792]
R2 aswStm;aswStm; C:\windows\system32\drivers\aswStm.sys [2016-03-11 165344]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\windows\system32\DRIVERS\Accelerometer.sys [2011-01-27 43320]
R3 Afc;PPdus ASPI Shell; C:\windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2011-10-14 10496000]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2011-10-14 326656]
R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver; C:\windows\system32\DRIVERS\ArcSoftVCapture.sys [2010-11-11 32192]
R3 BTMUSB;Motorola Bluetooth Radio Service; C:\windows\System32\Drivers\btmusb.sys [2011-02-09 486144]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\drivers\HpqKbFiltr.sys [2010-12-03 25912]
R3 intelkmd;intelkmd; C:\windows\system32\DRIVERS\igdpmd64.sys [2011-09-01 12306848]
R3 JMCR;JMCR; C:\windows\system32\DRIVERS\jmcr.sys [2011-01-31 174168]
R3 MEIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 NisDrv;Microsoft Network Inspection System; C:\windows\system32\DRIVERS\NisDrvWFP.sys [2015-11-13 133816]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\windows\system32\DRIVERS\nusb3hub.sys [2010-12-10 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\windows\system32\DRIVERS\nusb3xhc.sys [2010-12-10 181248]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2010-11-30 406632]
R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver; C:\windows\system32\DRIVERS\rtl8192Ce.sys [2011-07-19 1145448]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\windows\system32\DRIVERS\snp2uvc.sys [2010-12-21 1826048]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10301; C:\windows\system32\DRIVERS\stwrt64.sys [2011-01-27 520192]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\drivers\SynTP.sys [2011-02-04 1413680]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2012-01-02 80384]
S3 btmaudio;Motorola Bluetooth Audio Service; C:\windows\system32\drivers\btmaud.sys [2010-10-14 43008]
S3 BTMCOM;Bluetooth Serial Port; C:\windows\System32\Drivers\btmcom.sys [2010-06-30 52736]
S3 DAMDrv;DAMDrv; C:\windows\system32\DRIVERS\DAMDrv64.sys [2011-05-10 64312]
S3 EsgScanner;EsgScanner; C:\windows\system32\DRIVERS\EsgScanner.sys [2016-01-30 22704]
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2011-09-01 12306848]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 sdbus;sdbus; C:\windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 USBAAPL64;Apple Mobile USB Driver; C:\windows\System32\Drivers\usbaapl64.sys [2014-08-15 54784]
S3 WinUsb;WinUsb; C:\windows\system32\drivers\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-03-11 237096]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\windows\System32\svchost.exe [2009-07-14 27136]
R2 HP Power Assistant Service;HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2011-01-27 131128]
R2 HPDayStarterService;HP DayStarter Service; c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [2011-01-28 133688]
R2 HPFSService;File Sanitizer for HP ProtectTools; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2011-02-07 320000]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [2011-01-29 281656]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2011-01-27 30520]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-26 13336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-01-17 326168]
R2 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [2011-02-09 1318912]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2016-01-29 23808]
R2 PdiService;Portrait Displays SDK Service; C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2011-01-18 113264]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-08-14 39056]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe [2011-01-27 296448]
R2 uArcCapture;ArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [2010-11-11 502464]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\windows\system32\vcsFPService.exe [2011-01-22 3154224]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 hpCMSrv;HP Connection Manager 4 Service; c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-04-05 1094712]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2015-04-28 1102472]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2016-01-29 374344]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-21 154440]
S2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2015-12-20 26168]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-01-17 2656280]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-16 269504]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S3 DpHost;@c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2011-02-12 481104]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing; c:\Windows\SysWOW64\flcdlock.exe [2011-05-10 464440]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-02-07 1028096]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-02-07 647680]
S3 GDOCService;gDoc PDF Service; C:\Users\Adrianka\Desktop\MWFSrv.exe []
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-21 154440]
S3 HP ProtectTools Service;HP ProtectTools Service; c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [2011-01-12 36864]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2016-02-08 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2012-09-14 1255736]
S4 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2011-10-14 204288]
S4 Bluetooth Device Manager;Bluetooth Device Manager; C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe [2011-02-09 4151376]
S4 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files\Motorola\Bluetooth\audiosrv.exe [2011-03-01 1189968]
S4 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files\Motorola\Bluetooth\obexsrv.exe [2011-02-16 680016]
S4 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-02-01 1127448]

-----------------EOF-----------------

[Rudy]

Dvouklikem na soubor C:\Program Files\trend micro\Adrianka.exe spusťte HijackThis. Klikněte na "Do a system scan only" a v otevřeném okně vlevo ve čtverečcích zaškrtněte:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O20 - AppInit_DLLs:
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)

Klikněte na >FixChecked<. Pak znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC.