
PC virus removal, computer speed-up, remote help via the neslape.cz service
Slow notebook
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [instructions here] or RSIT [instructions here]
Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use a remote-help service in which an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
My notebook is noticeably slow, pages open at random in the browser, something is not OK...
I am attaching the log, and thank you in advance for your help!
Logfile of random's system information tool 1.10 (written by random/random)
Run by H2H at 2016-04-19 16:48:02
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 36 GB (12%) free of 293 GB
Total RAM: 3838 MB (33% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:48:21, on 19. 4. 2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18283)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\avpui.exe
C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
C:\Windows\PLFSetI.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_213.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_213.exe
C:\Users\H2H\AppData\Roaming\uTorrent\uTorrent.exe
C:\Users\H2H\AppData\Roaming\uTorrent\updates\3.4.6_42094\utorrentie.exe
C:\Users\H2H\AppData\Roaming\uTorrent\updates\3.4.6_42094\utorrentie.exe
C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
C:\Program Files\trend micro\H2H.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5t44n1t60q
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://un-stop.biz/wpad.dat?5be9e6cc2d1 ... f5d8780167
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll
O2 - BHO: Pomocník pri prihlasovaní v konte Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O2 - BHO: ScriptInjectionPluginBrowserHelperObject - {C66D064F-82FE-4E1A-B06A-B2490BA48B18} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\IEExt\ie_plugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O3 - Toolbar: Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\IEExt\ie_plugin.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [EgisTecLiveUpdate] "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
O4 - HKLM\..\Run: [WheelMouse] C:\Program Files (x86)\A4Tech\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Users\H2H\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {4C3CEE0B-4F2F-44C3-9586-4368F3200143} (ICApki Class) - https://moja.tatrabanka.sk/ibanking/ICApki.dll
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/tri ... /wrc32.ocx
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Služba Kaspersky Anti-Virus 16.0.0 (AVP16.0.0) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\avp.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Print Spooler (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vssbrigde64 - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\x64\vssbridge64.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12974 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\LSI SoftModem\agr64svc.exe"
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\avp.exe" -r
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"
"C:\Program Files (x86)\Acer\Registration\GregHSRW.exe"
"C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe"
"C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2212
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\servicing\TrustedInstaller.exe
"taskhost.exe"
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\avpui.exe" -hidden
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\PLFSetI.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
"C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe"
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
"C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
"C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE" /n /dde
taskmgr.exe /3
C:\Windows\splwow64.exe 8192
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel="4480.1.1462753040\87358652" "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 4480 "\\.\pipe\gecko-crash-server-pipe.4480" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_213.exe" --proxy-stub-channel=Flash2320.60CB0318.19972 --host-broker-channel=Flash2320.60CB0318.22506 --host-pid=2320 --host-npapi-version=29 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_213.exe" --channel=5776.002CF848.1238696593 --proxy-stub-channel=Flash2320.60CB0318.19972 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll" --host-npapi-version=29 --type=renderer
"taskhost.exe"
"C:\Users\H2H\AppData\Roaming\uTorrent\uTorrent.exe" "C:\Users\H2H\AppData\Local\Temp\Banshee.S04E03.720p.HDTV.x264-KILLERS[rartv]-[rarbg.com].torrent" /SHELLASSOC
"C:\Users\H2H\AppData\Roaming\uTorrent\updates\3.4.6_42094\utorrentie.exe" uTorrent_6480_00AD1C58_2042769631 µTorrent4823DF041B09 uTorrent
"C:\Users\H2H\AppData\Roaming\uTorrent\updates\3.4.6_42094\utorrentie.exe" uTorrent_6480_03B9F140_379127461 µTorrent4823DF041B09 uTorrent
"C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\H2H\Downloads\Banshee.S04E03.720p.HDTV.x264-KILLERS[rarbg]\Banshee.S04E03.720p.HDTV.x264-KILLERS.mkv"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
werfault.exe /h /shared Global\71aabdf3920541a899a162a58a6ae7b6
"C:\Users\H2H\Downloads\RSITx64(4).exe"
C:\Windows\system32\svchost.exe -k netsvcs
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\H2H\AppData\Roaming\Mozilla\Firefox\Profiles\m9kqbrpg.default
prefs.js - "extensions.enabledItems" - "{B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1, onair_FM@marek.chrenko.net:3.5.1, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, linkfilter@kaspersky.ru:11.0.1.400, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.213 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.71.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_71\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.71.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_71\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@mcafee.com/McAfeeMssPlugin]
"Description"=McAfee Mss Plugin
"Path"=C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.213 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll
C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
nppdf32.SKY
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2015-12-17 162528]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C66D064F-82FE-4E1A-B06A-B2490BA48B18}]
Kaspersky Protection plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\x64\IEExt\ie_plugin.dll [2015-10-23 800216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2015-12-17 162528]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll [2016-01-29 460384]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v konte Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08 141192]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C66D064F-82FE-4E1A-B06A-B2490BA48B18}]
Kaspersky Protection plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\IEExt\ie_plugin.dll [2015-10-23 584664]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-01-29 172640]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08 141192]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2015-12-17 162528]
{3507FA00-ADA2-4A02-99B9-51AD26CA9120} - Kaspersky Protection toolbar - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\x64\IEExt\ie_plugin.dll [2015-10-23 800216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08 141192]
{3507FA00-ADA2-4A02-99B9-51AD26CA9120} - Kaspersky Protection toolbar - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\IEExt\ie_plugin.dll [2015-10-23 584664]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"mwlDaemon"=C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [2009-09-11 349480]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-08-06 8060960]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-09-18 1842472]
"PLFSetI"=C:\Windows\PLFSetI.exe [2009-11-21 200704]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-04-03 320512]
"Acer ePower Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2009-10-01 823840]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27 558496]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=C:\Users\H2H\AppData\Roaming\uTorrent\uTorrent.exe [2016-04-07 1959424]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2013-05-08 41056]
"BackupManagerTray"=C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2009-09-25 261888]
"EgisTecLiveUpdate"=C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [2009-08-04 199464]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-09-09 98304]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2009-11-02 1094736]
"ArcadeDeluxeAgent"=C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [2009-10-07 419112]
"PlayMovie"=C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [2009-10-06 181480]
"WheelMouse"=C:\Program Files (x86)\A4Tech\Mouse\Amoumain.exe [2005-12-14 176128]
""= []
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [2015-12-18 3498720]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14 1085656]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-12-22 596528]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
wlnotify.dll []
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoDriveTypeAutoRun"=28
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"VIDC.ACDV"=ACDV.dll
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-04-19 16:39:31 ----D---- C:\rsit
2016-04-14 03:13:27 ----SHD---- C:\Config.Msi
2016-04-13 06:51:03 ----A---- C:\Windows\system32\mtxoci.dll
2016-04-13 06:51:02 ----A---- C:\Windows\SYSWOW64\mtxoci.dll
2016-04-13 06:51:02 ----A---- C:\Windows\SYSWOW64\msorcl32.dll
2016-04-13 06:50:52 ----A---- C:\Windows\system32\rpcss.dll
2016-04-13 06:50:51 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2016-04-13 06:50:51 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2016-04-13 06:50:51 ----A---- C:\Windows\system32\msxml3r.dll
2016-04-13 06:50:51 ----A---- C:\Windows\system32\msxml3.dll
2016-04-13 06:50:45 ----A---- C:\Windows\SYSWOW64\ole32.dll
2016-04-13 06:50:45 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-04-13 06:50:45 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-04-13 06:50:45 ----A---- C:\Windows\system32\ole32.dll
2016-04-13 06:50:45 ----A---- C:\Windows\system32\lsasrv.dll
2016-04-13 06:50:44 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-04-13 06:50:43 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-04-13 06:50:43 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-04-13 06:50:43 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-04-13 06:50:43 ----A---- C:\Windows\system32\smss.exe
2016-04-13 06:50:43 ----A---- C:\Windows\system32\schannel.dll
2016-04-13 06:50:43 ----A---- C:\Windows\system32\rpcrt4.dll
2016-04-13 06:50:43 ----A---- C:\Windows\system32\ntdll.dll
2016-04-13 06:50:43 ----A---- C:\Windows\system32\kernel32.dll
2016-04-13 06:50:43 ----A---- C:\Windows\system32\kerberos.dll
2016-04-13 06:50:43 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-04-13 06:50:43 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-04-13 06:50:43 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-04-13 06:50:43 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-04-13 06:50:43 ----A---- C:\Windows\system32\certcli.dll
2016-04-13 06:50:43 ----A---- C:\Windows\system32\advapi32.dll
2016-04-13 06:50:42 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-04-13 06:50:42 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-04-13 06:50:42 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-04-13 06:50:42 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-04-13 06:50:42 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-04-13 06:50:42 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-04-13 06:50:42 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-04-13 06:50:42 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-04-13 06:50:42 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-04-13 06:50:42 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\wow64win.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\wow64cpu.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\wow64.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\winsrv.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\wdigest.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\TSpkg.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\sspisrv.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\sspicli.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\srcore.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\srclient.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\secur32.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\rpchttp.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\ncrypt.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\msv1_0.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\lsass.exe
2016-04-13 06:50:42 ----A---- C:\Windows\system32\KernelBase.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-04-13 06:50:42 ----A---- C:\Windows\system32\drivers\appid.sys
2016-04-13 06:50:42 ----A---- C:\Windows\system32\csrsrv.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\cryptbase.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\conhost.exe
2016-04-13 06:50:42 ----A---- C:\Windows\system32\appidapi.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-04-13 06:50:41 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-04-13 06:50:41 ----A---- C:\Windows\SYSWOW64\user.exe
2016-04-13 06:50:41 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-04-13 06:50:41 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-04-13 06:50:41 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-04-13 06:50:41 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-04-13 06:50:41 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-04-13 06:50:41 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-04-13 06:50:41 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-04-13 06:50:41 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-04-13 06:50:41 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-04-13 06:50:41 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-04-13 06:50:41 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-04-13 06:50:41 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-04-13 06:50:41 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-04-13 06:50:41 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-04-13 06:50:41 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-04-13 06:50:41 ----A---- C:\Windows\system32\rstrui.exe
2016-04-13 06:50:41 ----A---- C:\Windows\system32\ntvdm64.dll
2016-04-13 06:50:41 ----A---- C:\Windows\system32\msobjs.dll
2016-04-13 06:50:41 ----A---- C:\Windows\system32\msaudite.dll
2016-04-13 06:50:41 ----A---- C:\Windows\system32\credssp.dll
2016-04-13 06:50:41 ----A---- C:\Windows\system32\auditpol.exe
2016-04-13 06:50:41 ----A---- C:\Windows\system32\appidsvc.dll
2016-04-13 06:50:41 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-04-13 06:50:41 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-04-13 06:50:41 ----A---- C:\Windows\system32\apisetschema.dll
2016-04-13 06:50:41 ----A---- C:\Windows\system32\adtschema.dll
2016-04-13 06:50:16 ----A---- C:\Windows\system32\drivers\disk.sys
2016-04-13 06:50:15 ----A---- C:\Windows\system32\win32k.sys
2016-04-13 06:50:12 ----A---- C:\Windows\system32\tbs.dll
2016-04-13 06:50:12 ----A---- C:\Windows\system32\fveapi.dll
2016-04-13 06:50:11 ----A---- C:\Windows\SYSWOW64\tbs.dll
2016-04-13 06:50:11 ----A---- C:\Windows\system32\fveapibase.dll
2016-04-13 06:50:00 ----A---- C:\Windows\system32\invagent.dll
2016-04-13 06:50:00 ----A---- C:\Windows\system32\generaltel.dll
2016-04-13 06:50:00 ----A---- C:\Windows\system32\devinv.dll
2016-04-13 06:50:00 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-04-13 06:50:00 ----A---- C:\Windows\system32\appraiser.dll
2016-04-13 06:50:00 ----A---- C:\Windows\system32\aepic.dll
2016-04-13 06:50:00 ----A---- C:\Windows\system32\aeinv.dll
2016-04-13 06:50:00 ----A---- C:\Windows\system32\acmigration.dll
2016-04-13 06:49:57 ----A---- C:\Windows\SYSWOW64\samlib.dll
2016-04-13 06:49:57 ----A---- C:\Windows\system32\samsrv.dll
2016-04-13 06:49:57 ----A---- C:\Windows\system32\samlib.dll
2016-04-13 06:41:19 ----A---- C:\Windows\SYSWOW64\tzres.dll
2016-04-13 06:41:19 ----A---- C:\Windows\system32\tzres.dll
2016-04-13 06:40:25 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-04-13 06:40:25 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-04-13 06:40:25 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-04-13 06:40:25 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-04-13 06:40:25 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-04-13 06:40:25 ----A---- C:\Windows\system32\iernonce.dll
2016-04-13 06:40:25 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-04-13 06:40:25 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-04-13 06:40:24 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-04-13 06:40:24 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-04-13 06:40:24 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-04-13 06:40:24 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-04-13 06:40:24 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-04-13 06:40:24 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-04-13 06:40:24 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-04-13 06:40:24 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-04-13 06:40:24 ----A---- C:\Windows\system32\inseng.dll
2016-04-13 06:40:24 ----A---- C:\Windows\system32\ie4uinit.exe
2016-04-13 06:40:23 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-04-13 06:40:21 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-04-13 06:40:21 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-04-13 06:40:21 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-04-13 06:40:21 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-04-13 06:40:21 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-04-13 06:40:21 ----A---- C:\Windows\system32\urlmon.dll
2016-04-13 06:40:21 ----A---- C:\Windows\system32\occache.dll
2016-04-13 06:40:21 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-04-13 06:40:21 ----A---- C:\Windows\system32\iedkcs32.dll
2016-04-13 06:40:20 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-04-13 06:40:20 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-04-13 06:40:20 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-04-13 06:40:20 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-04-13 06:40:20 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-04-13 06:40:20 ----A---- C:\Windows\system32\msfeeds.dll
2016-04-13 06:40:20 ----A---- C:\Windows\system32\dxtrans.dll
2016-04-13 06:40:19 ----A---- C:\Windows\system32\iesetup.dll
2016-04-13 06:40:19 ----A---- C:\Windows\system32\ieapfltr.dll
2016-04-13 06:40:17 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-04-13 06:40:17 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-04-13 06:40:17 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-04-13 06:40:17 ----A---- C:\Windows\system32\vbscript.dll
2016-04-13 06:40:17 ----A---- C:\Windows\system32\iertutil.dll
2016-04-13 06:40:16 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-04-13 06:40:16 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-04-13 06:40:16 ----A---- C:\Windows\system32\jsproxy.dll
2016-04-13 06:40:15 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-04-13 06:40:15 ----A---- C:\Windows\system32\dxtmsft.dll
2016-04-13 06:40:14 ----A---- C:\Windows\system32\ieui.dll
2016-04-13 06:40:14 ----A---- C:\Windows\system32\ieframe.dll
2016-04-13 06:40:13 ----A---- C:\Windows\system32\webcheck.dll
2016-04-13 06:40:13 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-04-13 06:40:13 ----A---- C:\Windows\system32\mshtmled.dll
2016-04-13 06:40:13 ----A---- C:\Windows\system32\jscript.dll
2016-04-13 06:40:13 ----A---- C:\Windows\system32\ieUnatt.exe
2016-04-13 06:40:12 ----A---- C:\Windows\system32\wininet.dll
2016-04-13 06:40:12 ----A---- C:\Windows\system32\jscript9diag.dll
2016-04-13 06:40:12 ----A---- C:\Windows\system32\jscript9.dll
2016-04-13 06:40:11 ----A---- C:\Windows\system32\msrating.dll
2016-04-13 06:40:11 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-04-13 06:40:10 ----A---- C:\Windows\system32\mshtml.dll
2016-04-12 10:01:53 ----D---- C:\Program Files (x86)\Mozilla Firefox
======List of files/folders modified in the last 1 month======
2016-04-19 16:48:11 ----D---- C:\Users\H2H\AppData\Roaming\uTorrent
2016-04-19 16:48:03 ----D---- C:\Windows\Temp
2016-04-19 16:48:03 ----D---- C:\Program Files\trend micro
2016-04-19 15:28:57 ----D---- C:\ProgramData\Kaspersky Lab
2016-04-18 10:57:06 ----SHD---- C:\System Volume Information
2016-04-15 16:53:49 ----D---- C:\Windows\system32\DriverStore
2016-04-15 16:50:47 ----D---- C:\Windows\system32\config
2016-04-15 16:50:29 ----D---- C:\Windows\inf
2016-04-15 16:49:42 ----D---- C:\Windows
2016-04-15 16:49:21 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-04-15 16:43:40 ----RD---- C:\Program Files (x86)
2016-04-15 16:43:40 ----D---- C:\AdwCleaner
2016-04-15 16:28:07 ----D---- C:\Windows\debug
2016-04-15 16:25:27 ----D---- C:\Users\H2H\AppData\Roaming\vlc
2016-04-14 10:28:12 ----D---- C:\Windows\rescache
2016-04-14 09:05:12 ----A---- C:\Windows\wininit.ini
2016-04-14 04:24:25 ----D---- C:\Windows\Microsoft.NET
2016-04-14 04:21:17 ----RSD---- C:\Windows\assembly
2016-04-14 04:08:25 ----D---- C:\Windows\System32
2016-04-14 04:08:25 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-04-14 04:04:03 ----D---- C:\Windows\winsxs
2016-04-14 04:01:42 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2016-04-14 03:57:05 ----D---- C:\Windows\SysWOW64
2016-04-14 03:56:59 ----D---- C:\Windows\SYSWOW64\en-US
2016-04-14 03:56:58 ----D---- C:\Windows\system32\en-US
2016-04-14 03:56:58 ----D---- C:\Windows\system32\drivers
2016-04-14 03:56:57 ----D---- C:\Windows\AppPatch
2016-04-14 03:56:56 ----D---- C:\Windows\system32\Boot
2016-04-14 03:56:55 ----D---- C:\Windows\SYSWOW64\wbem
2016-04-14 03:56:55 ----D---- C:\Windows\system32\wbem
2016-04-14 03:56:55 ----D---- C:\Windows\system32\drivers\en-US
2016-04-14 03:56:55 ----D---- C:\Windows\system32\appraiser
2016-04-14 03:56:55 ----D---- C:\Windows\Logs
2016-04-14 03:56:51 ----D---- C:\Windows\SYSWOW64\sk-SK
2016-04-14 03:56:51 ----D---- C:\Windows\system32\sk-SK
2016-04-14 03:56:51 ----D---- C:\Program Files\Internet Explorer
2016-04-14 03:56:49 ----D---- C:\Program Files (x86)\Internet Explorer
2016-04-14 03:39:09 ----SHD---- C:\Windows\Installer
2016-04-14 03:29:38 ----D---- C:\ProgramData\Microsoft Help
2016-04-14 03:26:56 ----D---- C:\Windows\system32\MRT
2016-04-14 03:15:16 ----A---- C:\Windows\system32\MRT.exe
2016-04-13 06:47:57 ----D---- C:\Windows\system32\catroot2
2016-04-12 15:09:24 ----D---- C:\ProgramData\boost_interprocess
2016-04-08 06:40:18 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-04-06 10:18:38 ----N---- C:\Windows\system32\MpSigStub.exe
2016-03-25 04:01:12 ----SD---- C:\Windows\SYSWOW64\GWX
2016-03-25 04:01:12 ----SD---- C:\Windows\system32\GWX
2016-03-21 11:03:18 ----D---- C:\Windows\system32\NDF
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-10-02 16440]
R0 cm_km;Kaspersky Lab ZAO Cryptographic Module x64 (Weak); C:\Windows\system32\DRIVERS\cm_km.sys [2015-07-06 389816]
R0 KL1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2015-06-22 478392]
R0 klbackupdisk;Kaspersky Lab klbackupdisk; C:\Windows\system32\DRIVERS\klbackupdisk.sys [2015-06-06 53432]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 klbackupflt;Kaspersky Lab klbackupflt; C:\Windows\system32\DRIVERS\klbackupflt.sys [2015-06-27 70000]
R1 klhk;Kaspersky Lab service driver; C:\Windows\system32\DRIVERS\klhk.sys [2015-10-23 227000]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2016-03-01 934808]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2015-06-11 39096]
R1 klpd;Kaspersky Lab format recognizer driver; C:\Windows\system32\DRIVERS\klpd.sys [2015-10-23 41352]
R1 kltdi;kltdi; C:\Windows\system32\DRIVERS\kltdi.sys [2015-06-11 65208]
R1 Klwtp;Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [2015-06-16 103096]
R1 kneps;kneps; C:\Windows\system32\DRIVERS\kneps.sys [2015-06-23 187056]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-03 22576]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-03 20016]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-03 60464]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 kldisk;kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [2016-03-01 77728]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-06-11 1208320]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2009-10-02 6204928]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2009-10-02 142848]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-09-21 1537024]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2009-10-02 120336]
R3 DKbFltr;Dritek Keyboard Filter Driver (64-bit); C:\Windows\SysWOW64\Drivers\DKbFltr.sys [2009-03-26 25608]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-08-06 1974944]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2009-06-20 317480]
R3 klflt;Kaspersky Lab Kernel DLL; C:\Windows\system32\DRIVERS\klflt.sys [2015-10-23 181640]
R3 klkbdflt;Kaspersky Lab KLKBDFLT; C:\Windows\system32\DRIVERS\klkbdflt.sys [2015-06-06 41144]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2015-06-07 41648]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2009-05-06 18432]
R3 ROCKEYNT;Feitian ROCKEY4 Device Service; C:\Windows\system32\DRIVERS\Rockey4.sys [2012-03-14 25600]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-09-18 292912]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2009-05-06 16896]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-10-02 6204928]
S3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2009-06-10 1311232]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2009-07-02 52264]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-10-03 98344]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2009-08-29 132648]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-08 35104]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-08-29 21160]
S3 cxbu0x64;OMNIKEY 6121; C:\Windows\system32\DRIVERS\cxbu0x64.sys [2013-03-22 186880]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20); C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-06-20 54272]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 Rockey_USB;Feitian ROCKEY4 USB Service; C:\Windows\system32\DRIVERS\Rockey4USB.sys [2012-03-14 16384]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2009-09-02 225280]
S3 S3XXx64;SCR3xx USB SmartCardReader64; C:\Windows\system32\DRIVERS\S3XXx64.sys [2009-10-25 67840]
S3 SCR33X USB Smart Card Reader;SCR33X USB Smart Card Reader; C:\Windows\system32\DRIVERS\SCR33X2K.sys []
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 WinUsb;WinUSB Driver; C:\Windows\system32\drivers\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-14 82128]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agr64svc.exe [2009-03-28 16896]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-10-02 202752]
R2 AVP16.0.0;Služba Kaspersky Anti-Virus 16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\avp.exe [2015-08-21 194000]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-10-03 873248]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2009-10-01 844320]
R2 Greg_Service;GRegService; C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-09-25 62720]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-06-18 144640]
R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-08 269504]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-03-31 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-04-12 146888]
S3 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-09-11 305448]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-06-18 50432]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 vssbrigde64;vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\x64\vssbridge64.exe [2015-07-09 144640]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-22 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
-----------------EOF-----------------
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
O4 - HKLM\..\Run: [WheelMouse] C:\Program Files (x86)\A4Tech\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Users\H2H\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {4C3CEE0B-4F2F-44C3-9586-4368F3200143} (ICApki Class) - https://moja.tatrabanka.sk/ibanking/ICApki.dll
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/tri ... /wrc32.ocx
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Služba Kaspersky Anti-Virus 16.0.0 (AVP16.0.0) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\avp.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Print Spooler (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vssbrigde64 - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\x64\vssbridge64.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12974 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\LSI SoftModem\agr64svc.exe"
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\avp.exe" -r
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"
"C:\Program Files (x86)\Acer\Registration\GregHSRW.exe"
"C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe"
"C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2212
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\servicing\TrustedInstaller.exe
"taskhost.exe"
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\avpui.exe" -hidden
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\PLFSetI.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
"C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe"
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
"C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
"C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE" /n /dde
taskmgr.exe /3
C:\Windows\splwow64.exe 8192
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel="4480.1.1462753040\87358652" "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 4480 "\\.\pipe\gecko-crash-server-pipe.4480" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_213.exe" --proxy-stub-channel=Flash2320.60CB0318.19972 --host-broker-channel=Flash2320.60CB0318.22506 --host-pid=2320 --host-npapi-version=29 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_213.exe" --channel=5776.002CF848.1238696593 --proxy-stub-channel=Flash2320.60CB0318.19972 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll" --host-npapi-version=29 --type=renderer
"taskhost.exe"
"C:\Users\H2H\AppData\Roaming\uTorrent\uTorrent.exe" "C:\Users\H2H\AppData\Local\Temp\Banshee.S04E03.720p.HDTV.x264-KILLERS[rartv]-[rarbg.com].torrent" /SHELLASSOC
"C:\Users\H2H\AppData\Roaming\uTorrent\updates\3.4.6_42094\utorrentie.exe" uTorrent_6480_00AD1C58_2042769631 µTorrent4823DF041B09 uTorrent
"C:\Users\H2H\AppData\Roaming\uTorrent\updates\3.4.6_42094\utorrentie.exe" uTorrent_6480_03B9F140_379127461 µTorrent4823DF041B09 uTorrent
"C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\H2H\Downloads\Banshee.S04E03.720p.HDTV.x264-KILLERS[rarbg]\Banshee.S04E03.720p.HDTV.x264-KILLERS.mkv"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
werfault.exe /h /shared Global\71aabdf3920541a899a162a58a6ae7b6
"C:\Users\H2H\Downloads\RSITx64(4).exe"
C:\Windows\system32\svchost.exe -k netsvcs
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\H2H\AppData\Roaming\Mozilla\Firefox\Profiles\m9kqbrpg.default
prefs.js - "extensions.enabledItems" - "{B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1, onair_FM@marek.chrenko.net:3.5.1, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, linkfilter@kaspersky.ru:11.0.1.400, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.213 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.71.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_71\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.71.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_71\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@mcafee.com/McAfeeMssPlugin]
"Description"=McAfee Mss Plugin
"Path"=C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.213 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll
C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
nppdf32.SKY
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2015-12-17 162528]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C66D064F-82FE-4E1A-B06A-B2490BA48B18}]
Kaspersky Protection plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\x64\IEExt\ie_plugin.dll [2015-10-23 800216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2015-12-17 162528]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll [2016-01-29 460384]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v konte Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08 141192]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C66D064F-82FE-4E1A-B06A-B2490BA48B18}]
Kaspersky Protection plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\IEExt\ie_plugin.dll [2015-10-23 584664]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-01-29 172640]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08 141192]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2015-12-17 162528]
{3507FA00-ADA2-4A02-99B9-51AD26CA9120} - Kaspersky Protection toolbar - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\x64\IEExt\ie_plugin.dll [2015-10-23 800216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08 141192]
{3507FA00-ADA2-4A02-99B9-51AD26CA9120} - Kaspersky Protection toolbar - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\IEExt\ie_plugin.dll [2015-10-23 584664]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"mwlDaemon"=C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [2009-09-11 349480]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-08-06 8060960]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-09-18 1842472]
"PLFSetI"=C:\Windows\PLFSetI.exe [2009-11-21 200704]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-04-03 320512]
"Acer ePower Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2009-10-01 823840]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27 558496]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=C:\Users\H2H\AppData\Roaming\uTorrent\uTorrent.exe [2016-04-07 1959424]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2013-05-08 41056]
"BackupManagerTray"=C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2009-09-25 261888]
"EgisTecLiveUpdate"=C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [2009-08-04 199464]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-09-09 98304]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2009-11-02 1094736]
"ArcadeDeluxeAgent"=C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [2009-10-07 419112]
"PlayMovie"=C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [2009-10-06 181480]
"WheelMouse"=C:\Program Files (x86)\A4Tech\Mouse\Amoumain.exe [2005-12-14 176128]
""= []
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [2015-12-18 3498720]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14 1085656]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-12-22 596528]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
wlnotify.dll []
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoDriveTypeAutoRun"=28
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"VIDC.ACDV"=ACDV.dll
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-04-19 16:39:31 ----D---- C:\rsit
2016-04-14 03:13:27 ----SHD---- C:\Config.Msi
2016-04-13 06:51:03 ----A---- C:\Windows\system32\mtxoci.dll
2016-04-13 06:51:02 ----A---- C:\Windows\SYSWOW64\mtxoci.dll
2016-04-13 06:51:02 ----A---- C:\Windows\SYSWOW64\msorcl32.dll
2016-04-13 06:50:52 ----A---- C:\Windows\system32\rpcss.dll
2016-04-13 06:50:51 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2016-04-13 06:50:51 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2016-04-13 06:50:51 ----A---- C:\Windows\system32\msxml3r.dll
2016-04-13 06:50:51 ----A---- C:\Windows\system32\msxml3.dll
2016-04-13 06:50:45 ----A---- C:\Windows\SYSWOW64\ole32.dll
2016-04-13 06:50:45 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-04-13 06:50:45 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-04-13 06:50:45 ----A---- C:\Windows\system32\ole32.dll
2016-04-13 06:50:45 ----A---- C:\Windows\system32\lsasrv.dll
2016-04-13 06:50:44 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-04-13 06:50:43 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-04-13 06:50:43 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-04-13 06:50:43 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-04-13 06:50:43 ----A---- C:\Windows\system32\smss.exe
2016-04-13 06:50:43 ----A---- C:\Windows\system32\schannel.dll
2016-04-13 06:50:43 ----A---- C:\Windows\system32\rpcrt4.dll
2016-04-13 06:50:43 ----A---- C:\Windows\system32\ntdll.dll
2016-04-13 06:50:43 ----A---- C:\Windows\system32\kernel32.dll
2016-04-13 06:50:43 ----A---- C:\Windows\system32\kerberos.dll
2016-04-13 06:50:43 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-04-13 06:50:43 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-04-13 06:50:43 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-04-13 06:50:43 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-04-13 06:50:43 ----A---- C:\Windows\system32\certcli.dll
2016-04-13 06:50:43 ----A---- C:\Windows\system32\advapi32.dll
2016-04-13 06:50:42 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-04-13 06:50:42 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-04-13 06:50:42 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-04-13 06:50:42 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-04-13 06:50:42 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-04-13 06:50:42 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-04-13 06:50:42 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-04-13 06:50:42 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-04-13 06:50:42 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-04-13 06:50:42 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\wow64win.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\wow64cpu.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\wow64.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\winsrv.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\wdigest.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\TSpkg.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\sspisrv.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\sspicli.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\srcore.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\srclient.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\secur32.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\rpchttp.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\ncrypt.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\msv1_0.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\lsass.exe
2016-04-13 06:50:42 ----A---- C:\Windows\system32\KernelBase.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-04-13 06:50:42 ----A---- C:\Windows\system32\drivers\appid.sys
2016-04-13 06:50:42 ----A---- C:\Windows\system32\csrsrv.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\cryptbase.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\conhost.exe
2016-04-13 06:50:42 ----A---- C:\Windows\system32\appidapi.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-04-13 06:50:41 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-04-13 06:50:41 ----A---- C:\Windows\SYSWOW64\user.exe
2016-04-13 06:50:41 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-04-13 06:50:41 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-04-13 06:50:41 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-04-13 06:50:41 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-04-13 06:50:41 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-04-13 06:50:41 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-04-13 06:50:41 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-04-13 06:50:41 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-04-13 06:50:41 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-04-13 06:50:41 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-04-13 06:50:41 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-04-13 06:50:41 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-04-13 06:50:41 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-04-13 06:50:41 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-04-13 06:50:41 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-04-13 06:50:41 ----A---- C:\Windows\system32\rstrui.exe
2016-04-13 06:50:41 ----A---- C:\Windows\system32\ntvdm64.dll
2016-04-13 06:50:41 ----A---- C:\Windows\system32\msobjs.dll
2016-04-13 06:50:41 ----A---- C:\Windows\system32\msaudite.dll
2016-04-13 06:50:41 ----A---- C:\Windows\system32\credssp.dll
2016-04-13 06:50:41 ----A---- C:\Windows\system32\auditpol.exe
2016-04-13 06:50:41 ----A---- C:\Windows\system32\appidsvc.dll
2016-04-13 06:50:41 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-04-13 06:50:41 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-04-13 06:50:41 ----A---- C:\Windows\system32\apisetschema.dll
2016-04-13 06:50:41 ----A---- C:\Windows\system32\adtschema.dll
2016-04-13 06:50:16 ----A---- C:\Windows\system32\drivers\disk.sys
2016-04-13 06:50:15 ----A---- C:\Windows\system32\win32k.sys
2016-04-13 06:50:12 ----A---- C:\Windows\system32\tbs.dll
2016-04-13 06:50:12 ----A---- C:\Windows\system32\fveapi.dll
2016-04-13 06:50:11 ----A---- C:\Windows\SYSWOW64\tbs.dll
2016-04-13 06:50:11 ----A---- C:\Windows\system32\fveapibase.dll
2016-04-13 06:50:00 ----A---- C:\Windows\system32\invagent.dll
2016-04-13 06:50:00 ----A---- C:\Windows\system32\generaltel.dll
2016-04-13 06:50:00 ----A---- C:\Windows\system32\devinv.dll
2016-04-13 06:50:00 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-04-13 06:50:00 ----A---- C:\Windows\system32\appraiser.dll
2016-04-13 06:50:00 ----A---- C:\Windows\system32\aepic.dll
2016-04-13 06:50:00 ----A---- C:\Windows\system32\aeinv.dll
2016-04-13 06:50:00 ----A---- C:\Windows\system32\acmigration.dll
2016-04-13 06:49:57 ----A---- C:\Windows\SYSWOW64\samlib.dll
2016-04-13 06:49:57 ----A---- C:\Windows\system32\samsrv.dll
2016-04-13 06:49:57 ----A---- C:\Windows\system32\samlib.dll
2016-04-13 06:41:19 ----A---- C:\Windows\SYSWOW64\tzres.dll
2016-04-13 06:41:19 ----A---- C:\Windows\system32\tzres.dll
2016-04-13 06:40:25 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-04-13 06:40:25 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-04-13 06:40:25 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-04-13 06:40:25 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-04-13 06:40:25 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-04-13 06:40:25 ----A---- C:\Windows\system32\iernonce.dll
2016-04-13 06:40:25 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-04-13 06:40:25 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-04-13 06:40:24 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-04-13 06:40:24 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-04-13 06:40:24 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-04-13 06:40:24 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-04-13 06:40:24 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-04-13 06:40:24 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-04-13 06:40:24 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-04-13 06:40:24 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-04-13 06:40:24 ----A---- C:\Windows\system32\inseng.dll
2016-04-13 06:40:24 ----A---- C:\Windows\system32\ie4uinit.exe
2016-04-13 06:40:23 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-04-13 06:40:21 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-04-13 06:40:21 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-04-13 06:40:21 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-04-13 06:40:21 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-04-13 06:40:21 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-04-13 06:40:21 ----A---- C:\Windows\system32\urlmon.dll
2016-04-13 06:40:21 ----A---- C:\Windows\system32\occache.dll
2016-04-13 06:40:21 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-04-13 06:40:21 ----A---- C:\Windows\system32\iedkcs32.dll
2016-04-13 06:40:20 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-04-13 06:40:20 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-04-13 06:40:20 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-04-13 06:40:20 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-04-13 06:40:20 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-04-13 06:40:20 ----A---- C:\Windows\system32\msfeeds.dll
2016-04-13 06:40:20 ----A---- C:\Windows\system32\dxtrans.dll
2016-04-13 06:40:19 ----A---- C:\Windows\system32\iesetup.dll
2016-04-13 06:40:19 ----A---- C:\Windows\system32\ieapfltr.dll
2016-04-13 06:40:17 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-04-13 06:40:17 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-04-13 06:40:17 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-04-13 06:40:17 ----A---- C:\Windows\system32\vbscript.dll
2016-04-13 06:40:17 ----A---- C:\Windows\system32\iertutil.dll
2016-04-13 06:40:16 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-04-13 06:40:16 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-04-13 06:40:16 ----A---- C:\Windows\system32\jsproxy.dll
2016-04-13 06:40:15 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-04-13 06:40:15 ----A---- C:\Windows\system32\dxtmsft.dll
2016-04-13 06:40:14 ----A---- C:\Windows\system32\ieui.dll
2016-04-13 06:40:14 ----A---- C:\Windows\system32\ieframe.dll
2016-04-13 06:40:13 ----A---- C:\Windows\system32\webcheck.dll
2016-04-13 06:40:13 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-04-13 06:40:13 ----A---- C:\Windows\system32\mshtmled.dll
2016-04-13 06:40:13 ----A---- C:\Windows\system32\jscript.dll
2016-04-13 06:40:13 ----A---- C:\Windows\system32\ieUnatt.exe
2016-04-13 06:40:12 ----A---- C:\Windows\system32\wininet.dll
2016-04-13 06:40:12 ----A---- C:\Windows\system32\jscript9diag.dll
2016-04-13 06:40:12 ----A---- C:\Windows\system32\jscript9.dll
2016-04-13 06:40:11 ----A---- C:\Windows\system32\msrating.dll
2016-04-13 06:40:11 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-04-13 06:40:10 ----A---- C:\Windows\system32\mshtml.dll
2016-04-12 10:01:53 ----D---- C:\Program Files (x86)\Mozilla Firefox
======List of files/folders modified in the last 1 month======
2016-04-19 16:48:11 ----D---- C:\Users\H2H\AppData\Roaming\uTorrent
2016-04-19 16:48:03 ----D---- C:\Windows\Temp
2016-04-19 16:48:03 ----D---- C:\Program Files\trend micro
2016-04-19 15:28:57 ----D---- C:\ProgramData\Kaspersky Lab
2016-04-18 10:57:06 ----SHD---- C:\System Volume Information
2016-04-15 16:53:49 ----D---- C:\Windows\system32\DriverStore
2016-04-15 16:50:47 ----D---- C:\Windows\system32\config
2016-04-15 16:50:29 ----D---- C:\Windows\inf
2016-04-15 16:49:42 ----D---- C:\Windows
2016-04-15 16:49:21 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-04-15 16:43:40 ----RD---- C:\Program Files (x86)
2016-04-15 16:43:40 ----D---- C:\AdwCleaner
2016-04-15 16:28:07 ----D---- C:\Windows\debug
2016-04-15 16:25:27 ----D---- C:\Users\H2H\AppData\Roaming\vlc
2016-04-14 10:28:12 ----D---- C:\Windows\rescache
2016-04-14 09:05:12 ----A---- C:\Windows\wininit.ini
2016-04-14 04:24:25 ----D---- C:\Windows\Microsoft.NET
2016-04-14 04:21:17 ----RSD---- C:\Windows\assembly
2016-04-14 04:08:25 ----D---- C:\Windows\System32
2016-04-14 04:08:25 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-04-14 04:04:03 ----D---- C:\Windows\winsxs
2016-04-14 04:01:42 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2016-04-14 03:57:05 ----D---- C:\Windows\SysWOW64
2016-04-14 03:56:59 ----D---- C:\Windows\SYSWOW64\en-US
2016-04-14 03:56:58 ----D---- C:\Windows\system32\en-US
2016-04-14 03:56:58 ----D---- C:\Windows\system32\drivers
2016-04-14 03:56:57 ----D---- C:\Windows\AppPatch
2016-04-14 03:56:56 ----D---- C:\Windows\system32\Boot
2016-04-14 03:56:55 ----D---- C:\Windows\SYSWOW64\wbem
2016-04-14 03:56:55 ----D---- C:\Windows\system32\wbem
2016-04-14 03:56:55 ----D---- C:\Windows\system32\drivers\en-US
2016-04-14 03:56:55 ----D---- C:\Windows\system32\appraiser
2016-04-14 03:56:55 ----D---- C:\Windows\Logs
2016-04-14 03:56:51 ----D---- C:\Windows\SYSWOW64\sk-SK
2016-04-14 03:56:51 ----D---- C:\Windows\system32\sk-SK
2016-04-14 03:56:51 ----D---- C:\Program Files\Internet Explorer
2016-04-14 03:56:49 ----D---- C:\Program Files (x86)\Internet Explorer
2016-04-14 03:39:09 ----SHD---- C:\Windows\Installer
2016-04-14 03:29:38 ----D---- C:\ProgramData\Microsoft Help
2016-04-14 03:26:56 ----D---- C:\Windows\system32\MRT
2016-04-14 03:15:16 ----A---- C:\Windows\system32\MRT.exe
2016-04-13 06:47:57 ----D---- C:\Windows\system32\catroot2
2016-04-12 15:09:24 ----D---- C:\ProgramData\boost_interprocess
2016-04-08 06:40:18 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-04-06 10:18:38 ----N---- C:\Windows\system32\MpSigStub.exe
2016-03-25 04:01:12 ----SD---- C:\Windows\SYSWOW64\GWX
2016-03-25 04:01:12 ----SD---- C:\Windows\system32\GWX
2016-03-21 11:03:18 ----D---- C:\Windows\system32\NDF
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-10-02 16440]
R0 cm_km;Kaspersky Lab ZAO Cryptographic Module x64 (Weak); C:\Windows\system32\DRIVERS\cm_km.sys [2015-07-06 389816]
R0 KL1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2015-06-22 478392]
R0 klbackupdisk;Kaspersky Lab klbackupdisk; C:\Windows\system32\DRIVERS\klbackupdisk.sys [2015-06-06 53432]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 klbackupflt;Kaspersky Lab klbackupflt; C:\Windows\system32\DRIVERS\klbackupflt.sys [2015-06-27 70000]
R1 klhk;Kaspersky Lab service driver; C:\Windows\system32\DRIVERS\klhk.sys [2015-10-23 227000]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2016-03-01 934808]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2015-06-11 39096]
R1 klpd;Kaspersky Lab format recognizer driver; C:\Windows\system32\DRIVERS\klpd.sys [2015-10-23 41352]
R1 kltdi;kltdi; C:\Windows\system32\DRIVERS\kltdi.sys [2015-06-11 65208]
R1 Klwtp;Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [2015-06-16 103096]
R1 kneps;kneps; C:\Windows\system32\DRIVERS\kneps.sys [2015-06-23 187056]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-03 22576]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-03 20016]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-03 60464]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 kldisk;kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [2016-03-01 77728]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-06-11 1208320]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2009-10-02 6204928]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2009-10-02 142848]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-09-21 1537024]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2009-10-02 120336]
R3 DKbFltr;Dritek Keyboard Filter Driver (64-bit); C:\Windows\SysWOW64\Drivers\DKbFltr.sys [2009-03-26 25608]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-08-06 1974944]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2009-06-20 317480]
R3 klflt;Kaspersky Lab Kernel DLL; C:\Windows\system32\DRIVERS\klflt.sys [2015-10-23 181640]
R3 klkbdflt;Kaspersky Lab KLKBDFLT; C:\Windows\system32\DRIVERS\klkbdflt.sys [2015-06-06 41144]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2015-06-07 41648]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2009-05-06 18432]
R3 ROCKEYNT;Feitian ROCKEY4 Device Service; C:\Windows\system32\DRIVERS\Rockey4.sys [2012-03-14 25600]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-09-18 292912]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2009-05-06 16896]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-10-02 6204928]
S3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2009-06-10 1311232]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2009-07-02 52264]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-10-03 98344]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2009-08-29 132648]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-08 35104]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-08-29 21160]
S3 cxbu0x64;OMNIKEY 6121; C:\Windows\system32\DRIVERS\cxbu0x64.sys [2013-03-22 186880]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20); C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-06-20 54272]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 Rockey_USB;Feitian ROCKEY4 USB Service; C:\Windows\system32\DRIVERS\Rockey4USB.sys [2012-03-14 16384]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2009-09-02 225280]
S3 S3XXx64;SCR3xx USB SmartCardReader64; C:\Windows\system32\DRIVERS\S3XXx64.sys [2009-10-25 67840]
S3 SCR33X USB Smart Card Reader;SCR33X USB Smart Card Reader; C:\Windows\system32\DRIVERS\SCR33X2K.sys []
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 WinUsb;WinUSB Driver; C:\Windows\system32\drivers\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-14 82128]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agr64svc.exe [2009-03-28 16896]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-10-02 202752]
R2 AVP16.0.0;Služba Kaspersky Anti-Virus 16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\avp.exe [2015-08-21 194000]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-10-03 873248]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2009-10-01 844320]
R2 Greg_Service;GRegService; C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-09-25 62720]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-06-18 144640]
R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-08 269504]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-03-31 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-04-12 146888]
S3 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-09-11 305448]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-06-18 50432]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 vssbrigde64;vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\x64\vssbridge64.exe [2015-07-09 144640]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-22 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
-----------------EOF-----------------
- Rudy
- Site Admin

- Posts: 119673
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Slow notebook
Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Slow notebook
Attached:
# AdwCleaner v5.112 - Logfile created 20/04/2016 at 08:06:28
# Updated 17/04/2016 by Xplode
# Database : 2016-04-19.5 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (X64)
# Username : H2H - H-PC
# Running from : C:\Users\H2H\Desktop\adwcleaner_5.112.exe
# Option : Clean
# Support : http://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
***** [ Files ] *****
***** [ DLLs ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
***** [ Web browsers ] *****
*************************
:: "Tracing" keys deleted
:: Winsock settings cleared
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [4113 bytes] - [15/04/2016 16:43:40]
C:\AdwCleaner\AdwCleaner[C2].txt - [773 bytes] - [20/04/2016 08:06:28]
C:\AdwCleaner\AdwCleaner[R0].txt - [1726 bytes] - [02/09/2013 11:48:22]
C:\AdwCleaner\AdwCleaner[R1].txt - [882 bytes] - [02/09/2013 12:08:29]
C:\AdwCleaner\AdwCleaner[R2].txt - [1652 bytes] - [06/12/2013 10:27:39]
C:\AdwCleaner\AdwCleaner[R3].txt - [1458 bytes] - [30/10/2014 16:08:47]
C:\AdwCleaner\AdwCleaner[R4].txt - [1807 bytes] - [12/01/2015 12:29:16]
C:\AdwCleaner\AdwCleaner[R5].txt - [1322 bytes] - [29/01/2015 12:56:38]
C:\AdwCleaner\AdwCleaner[R6].txt - [2865 bytes] - [10/02/2015 12:53:24]
C:\AdwCleaner\AdwCleaner[R7].txt - [302 bytes] - [17/07/2015 13:59:34]
C:\AdwCleaner\AdwCleaner[R8].txt - [1572 bytes] - [17/07/2015 14:15:19]
C:\AdwCleaner\AdwCleaner[S0].txt - [1754 bytes] - [02/09/2013 11:50:04]
C:\AdwCleaner\AdwCleaner[S1].txt - [6447 bytes] - [06/12/2013 10:31:47]
C:\AdwCleaner\AdwCleaner[S2].txt - [3458 bytes] - [30/10/2014 16:18:05]
C:\AdwCleaner\AdwCleaner[S3].txt - [1884 bytes] - [12/01/2015 12:31:49]
C:\AdwCleaner\AdwCleaner[S4].txt - [1386 bytes] - [29/01/2015 13:11:42]
C:\AdwCleaner\AdwCleaner[S5].txt - [2934 bytes] - [10/02/2015 13:21:57]
C:\AdwCleaner\AdwCleaner[S6].txt - [1638 bytes] - [17/07/2015 14:21:29]
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [2011 bytes] ##########
- Rudy
- Site Admin

Re: Slow notebook
This is OK. Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:reg
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: Slow notebook
Logfile of random's system information tool 1.10 (written by random/random)
Run by H2H at 2016-04-21 12:09:23
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 34 GB (12%) free of 293 GB
Total RAM: 3838 MB (58% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:10:11, on 21. 4. 2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18283)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\avpui.exe
C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
C:\Windows\PLFSetI.exe
C:\Users\H2H\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
C:\Users\H2H\AppData\Roaming\uTorrent\updates\3.4.6_42094\utorrentie.exe
C:\Users\H2H\AppData\Roaming\uTorrent\updates\3.4.6_42094\utorrentie.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
C:\Program Files\trend micro\H2H.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5t44n1t60q
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://un-stop.biz/wpad.dat?5be9e6cc2d1 ... f5d8780167
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll
O2 - BHO: Pomocník pri prihlasovaní v konte Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O2 - BHO: ScriptInjectionPluginBrowserHelperObject - {C66D064F-82FE-4E1A-B06A-B2490BA48B18} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\IEExt\ie_plugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O3 - Toolbar: Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\IEExt\ie_plugin.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [EgisTecLiveUpdate] "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
O4 - HKLM\..\Run: [WheelMouse] C:\Program Files (x86)\A4Tech\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Users\H2H\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {4C3CEE0B-4F2F-44C3-9586-4368F3200143} (ICApki Class) - https://moja.tatrabanka.sk/ibanking/ICApki.dll
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/tri ... /wrc32.ocx
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Služba Kaspersky Anti-Virus 16.0.0 (AVP16.0.0) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\avp.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Print Spooler (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vssbrigde64 - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\x64\vssbridge64.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12439 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
taskeng.exe {FA5C0487-BF20-45CB-BFD1-A9127832AA10}
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\LSI SoftModem\agr64svc.exe"
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\avp.exe" -r
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"
"C:\Program Files (x86)\Acer\Registration\GregHSRW.exe"
C:\Windows\system32\msiexec.exe /V
"C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe"
"C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2216
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\avpui.exe" -hidden
taskeng.exe {10CB5C72-50B3-424F-9764-AEA35B0EAF42}
"C:\Windows\system32\GWX\GWX.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\notepad.exe" C:\_OTM\MovedFiles\04212016_115612.log
"C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\PLFSetI.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
"C:\Users\H2H\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe"
"C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
"C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Users\H2H\AppData\Roaming\uTorrent\updates\3.4.6_42094\utorrentie.exe" uTorrent_4560_03BA26C0_244879361 µTorrent4823DF041B09 uTorrent
"C:\Users\H2H\AppData\Roaming\uTorrent\updates\3.4.6_42094\utorrentie.exe" uTorrent_4560_03BA2770_1134793944 µTorrent4823DF041B09 uTorrent
"C:\Program Files (x86)\Launch Manager\LManager.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
"C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
"C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
taskhost.exe $(Arg0)
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
"C:\Users\H2H\Desktop\RSITx64(4).exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\H2H\AppData\Roaming\Mozilla\Firefox\Profiles\m9kqbrpg.default
prefs.js - "extensions.enabledItems" - "{B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1, onair_FM@marek.chrenko.net:3.5.1, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, linkfilter@kaspersky.ru:11.0.1.400, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.213 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.71.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_71\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.71.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_71\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@mcafee.com/McAfeeMssPlugin]
"Description"=McAfee Mss Plugin
"Path"=C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.213 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll
C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
nppdf32.SKY
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2015-12-17 162528]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C66D064F-82FE-4E1A-B06A-B2490BA48B18}]
Kaspersky Protection plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\x64\IEExt\ie_plugin.dll [2015-10-23 800216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2015-12-17 162528]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll [2016-01-29 460384]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v konte Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08 141192]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C66D064F-82FE-4E1A-B06A-B2490BA48B18}]
Kaspersky Protection plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\IEExt\ie_plugin.dll [2015-10-23 584664]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-01-29 172640]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08 141192]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2015-12-17 162528]
{3507FA00-ADA2-4A02-99B9-51AD26CA9120} - Kaspersky Protection toolbar - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\x64\IEExt\ie_plugin.dll [2015-10-23 800216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08 141192]
{3507FA00-ADA2-4A02-99B9-51AD26CA9120} - Kaspersky Protection toolbar - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\IEExt\ie_plugin.dll [2015-10-23 584664]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"mwlDaemon"=C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [2009-09-11 349480]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-08-06 8060960]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-09-18 1842472]
"PLFSetI"=C:\Windows\PLFSetI.exe [2009-11-21 200704]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-04-03 320512]
"Acer ePower Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2009-10-01 823840]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27 558496]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=C:\Users\H2H\AppData\Roaming\uTorrent\uTorrent.exe [2016-04-07 1959424]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2013-05-08 41056]
"BackupManagerTray"=C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2009-09-25 261888]
"EgisTecLiveUpdate"=C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [2009-08-04 199464]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-09-09 98304]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2009-11-02 1094736]
"ArcadeDeluxeAgent"=C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [2009-10-07 419112]
"PlayMovie"=C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [2009-10-06 181480]
"WheelMouse"=C:\Program Files (x86)\A4Tech\Mouse\Amoumain.exe [2005-12-14 176128]
""= []
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [2015-12-18 3498720]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14 1085656]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
wlnotify.dll []
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoDriveTypeAutoRun"=28
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"VIDC.ACDV"=ACDV.dll
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-04-21 11:45:18 ----D---- C:\_OTM
2016-04-19 16:39:31 ----D---- C:\rsit
2016-04-14 03:13:27 ----SHD---- C:\Config.Msi
2016-04-13 06:51:03 ----A---- C:\Windows\system32\mtxoci.dll
2016-04-13 06:51:02 ----A---- C:\Windows\SYSWOW64\mtxoci.dll
2016-04-13 06:51:02 ----A---- C:\Windows\SYSWOW64\msorcl32.dll
2016-04-13 06:50:52 ----A---- C:\Windows\system32\rpcss.dll
2016-04-13 06:50:51 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2016-04-13 06:50:51 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2016-04-13 06:50:51 ----A---- C:\Windows\system32\msxml3r.dll
2016-04-13 06:50:51 ----A---- C:\Windows\system32\msxml3.dll
2016-04-13 06:50:45 ----A---- C:\Windows\SYSWOW64\ole32.dll
2016-04-13 06:50:45 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-04-13 06:50:45 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-04-13 06:50:45 ----A---- C:\Windows\system32\ole32.dll
2016-04-13 06:50:45 ----A---- C:\Windows\system32\lsasrv.dll
2016-04-13 06:50:44 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-04-13 06:50:43 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-04-13 06:50:43 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-04-13 06:50:43 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-04-13 06:50:43 ----A---- C:\Windows\system32\smss.exe
2016-04-13 06:50:43 ----A---- C:\Windows\system32\schannel.dll
2016-04-13 06:50:43 ----A---- C:\Windows\system32\rpcrt4.dll
2016-04-13 06:50:43 ----A---- C:\Windows\system32\ntdll.dll
2016-04-13 06:50:43 ----A---- C:\Windows\system32\kernel32.dll
2016-04-13 06:50:43 ----A---- C:\Windows\system32\kerberos.dll
2016-04-13 06:50:43 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-04-13 06:50:43 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-04-13 06:50:43 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-04-13 06:50:43 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-04-13 06:50:43 ----A---- C:\Windows\system32\certcli.dll
2016-04-13 06:50:43 ----A---- C:\Windows\system32\advapi32.dll
2016-04-13 06:50:42 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-04-13 06:50:42 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-04-13 06:50:42 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-04-13 06:50:42 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-04-13 06:50:42 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-04-13 06:50:42 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-04-13 06:50:42 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-04-13 06:50:42 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-04-13 06:50:42 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-04-13 06:50:42 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\wow64win.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\wow64cpu.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\wow64.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\winsrv.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\wdigest.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\TSpkg.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\sspisrv.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\sspicli.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\srcore.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\srclient.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\secur32.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\rpchttp.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\ncrypt.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\msv1_0.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\lsass.exe
2016-04-13 06:50:42 ----A---- C:\Windows\system32\KernelBase.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-04-13 06:50:42 ----A---- C:\Windows\system32\drivers\appid.sys
2016-04-13 06:50:42 ----A---- C:\Windows\system32\csrsrv.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\cryptbase.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\conhost.exe
2016-04-13 06:50:42 ----A---- C:\Windows\system32\appidapi.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-04-13 06:50:41 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-04-13 06:50:41 ----A---- C:\Windows\SYSWOW64\user.exe
2016-04-13 06:50:41 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-04-13 06:50:41 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-04-13 06:50:41 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-04-13 06:50:41 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-04-13 06:50:41 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-04-13 06:50:41 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-04-13 06:50:41 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-04-13 06:50:41 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-04-13 06:50:41 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-04-13 06:50:41 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-04-13 06:50:41 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-04-13 06:50:41 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-04-13 06:50:41 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-04-13 06:50:41 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-04-13 06:50:41 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-04-13 06:50:41 ----A---- C:\Windows\system32\rstrui.exe
2016-04-13 06:50:41 ----A---- C:\Windows\system32\ntvdm64.dll
2016-04-13 06:50:41 ----A---- C:\Windows\system32\msobjs.dll
2016-04-13 06:50:41 ----A---- C:\Windows\system32\msaudite.dll
2016-04-13 06:50:41 ----A---- C:\Windows\system32\credssp.dll
2016-04-13 06:50:41 ----A---- C:\Windows\system32\auditpol.exe
2016-04-13 06:50:41 ----A---- C:\Windows\system32\appidsvc.dll
2016-04-13 06:50:41 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-04-13 06:50:41 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-04-13 06:50:41 ----A---- C:\Windows\system32\apisetschema.dll
2016-04-13 06:50:41 ----A---- C:\Windows\system32\adtschema.dll
2016-04-13 06:50:16 ----A---- C:\Windows\system32\drivers\disk.sys
2016-04-13 06:50:15 ----A---- C:\Windows\system32\win32k.sys
2016-04-13 06:50:12 ----A---- C:\Windows\system32\tbs.dll
2016-04-13 06:50:12 ----A---- C:\Windows\system32\fveapi.dll
2016-04-13 06:50:11 ----A---- C:\Windows\SYSWOW64\tbs.dll
2016-04-13 06:50:11 ----A---- C:\Windows\system32\fveapibase.dll
2016-04-13 06:50:00 ----A---- C:\Windows\system32\invagent.dll
2016-04-13 06:50:00 ----A---- C:\Windows\system32\generaltel.dll
2016-04-13 06:50:00 ----A---- C:\Windows\system32\devinv.dll
2016-04-13 06:50:00 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-04-13 06:50:00 ----A---- C:\Windows\system32\appraiser.dll
2016-04-13 06:50:00 ----A---- C:\Windows\system32\aepic.dll
2016-04-13 06:50:00 ----A---- C:\Windows\system32\aeinv.dll
2016-04-13 06:50:00 ----A---- C:\Windows\system32\acmigration.dll
2016-04-13 06:49:57 ----A---- C:\Windows\SYSWOW64\samlib.dll
2016-04-13 06:49:57 ----A---- C:\Windows\system32\samsrv.dll
2016-04-13 06:49:57 ----A---- C:\Windows\system32\samlib.dll
2016-04-13 06:41:19 ----A---- C:\Windows\SYSWOW64\tzres.dll
2016-04-13 06:41:19 ----A---- C:\Windows\system32\tzres.dll
2016-04-13 06:40:25 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-04-13 06:40:25 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-04-13 06:40:25 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-04-13 06:40:25 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-04-13 06:40:25 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-04-13 06:40:25 ----A---- C:\Windows\system32\iernonce.dll
2016-04-13 06:40:25 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-04-13 06:40:25 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-04-13 06:40:24 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-04-13 06:40:24 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-04-13 06:40:24 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-04-13 06:40:24 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-04-13 06:40:24 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-04-13 06:40:24 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-04-13 06:40:24 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-04-13 06:40:24 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-04-13 06:40:24 ----A---- C:\Windows\system32\inseng.dll
2016-04-13 06:40:24 ----A---- C:\Windows\system32\ie4uinit.exe
2016-04-13 06:40:23 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-04-13 06:40:21 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-04-13 06:40:21 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-04-13 06:40:21 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-04-13 06:40:21 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-04-13 06:40:21 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-04-13 06:40:21 ----A---- C:\Windows\system32\urlmon.dll
2016-04-13 06:40:21 ----A---- C:\Windows\system32\occache.dll
2016-04-13 06:40:21 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-04-13 06:40:21 ----A---- C:\Windows\system32\iedkcs32.dll
2016-04-13 06:40:20 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-04-13 06:40:20 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-04-13 06:40:20 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-04-13 06:40:20 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-04-13 06:40:20 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-04-13 06:40:20 ----A---- C:\Windows\system32\msfeeds.dll
2016-04-13 06:40:20 ----A---- C:\Windows\system32\dxtrans.dll
2016-04-13 06:40:19 ----A---- C:\Windows\system32\iesetup.dll
2016-04-13 06:40:19 ----A---- C:\Windows\system32\ieapfltr.dll
2016-04-13 06:40:17 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-04-13 06:40:17 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-04-13 06:40:17 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-04-13 06:40:17 ----A---- C:\Windows\system32\vbscript.dll
2016-04-13 06:40:17 ----A---- C:\Windows\system32\iertutil.dll
2016-04-13 06:40:16 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-04-13 06:40:16 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-04-13 06:40:16 ----A---- C:\Windows\system32\jsproxy.dll
2016-04-13 06:40:15 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-04-13 06:40:15 ----A---- C:\Windows\system32\dxtmsft.dll
2016-04-13 06:40:14 ----A---- C:\Windows\system32\ieui.dll
2016-04-13 06:40:14 ----A---- C:\Windows\system32\ieframe.dll
2016-04-13 06:40:13 ----A---- C:\Windows\system32\webcheck.dll
2016-04-13 06:40:13 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-04-13 06:40:13 ----A---- C:\Windows\system32\mshtmled.dll
2016-04-13 06:40:13 ----A---- C:\Windows\system32\jscript.dll
2016-04-13 06:40:13 ----A---- C:\Windows\system32\ieUnatt.exe
2016-04-13 06:40:12 ----A---- C:\Windows\system32\wininet.dll
2016-04-13 06:40:12 ----A---- C:\Windows\system32\jscript9diag.dll
2016-04-13 06:40:12 ----A---- C:\Windows\system32\jscript9.dll
2016-04-13 06:40:11 ----A---- C:\Windows\system32\msrating.dll
2016-04-13 06:40:11 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-04-13 06:40:10 ----A---- C:\Windows\system32\mshtml.dll
2016-04-12 10:01:53 ----D---- C:\Program Files (x86)\Mozilla Firefox
======List of files/folders modified in the last 1 month======
2016-04-21 12:09:54 ----D---- C:\Program Files\trend micro
2016-04-21 12:09:53 ----D---- C:\Windows\Temp
2016-04-21 12:07:54 ----D---- C:\Windows\system32\DriverStore
2016-04-21 12:07:22 ----D---- C:\Users\H2H\AppData\Roaming\uTorrent
2016-04-21 12:05:41 ----D---- C:\ProgramData\Kaspersky Lab
2016-04-21 12:05:40 ----D---- C:\Windows\system32\config
2016-04-21 12:04:55 ----SHD---- C:\System Volume Information
2016-04-20 08:19:58 ----D---- C:\Windows\winsxs
2016-04-20 08:06:28 ----D---- C:\AdwCleaner
2016-04-19 16:57:23 ----D---- C:\Users\H2H\AppData\Roaming\vlc
2016-04-15 16:50:29 ----D---- C:\Windows\inf
2016-04-15 16:49:42 ----D---- C:\Windows
2016-04-15 16:49:21 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-04-15 16:43:40 ----RD---- C:\Program Files (x86)
2016-04-15 16:28:07 ----D---- C:\Windows\debug
2016-04-14 10:28:12 ----D---- C:\Windows\rescache
2016-04-14 09:05:12 ----A---- C:\Windows\wininit.ini
2016-04-14 04:24:25 ----D---- C:\Windows\Microsoft.NET
2016-04-14 04:21:17 ----RSD---- C:\Windows\assembly
2016-04-14 04:08:25 ----D---- C:\Windows\System32
2016-04-14 04:08:25 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-04-14 04:01:42 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2016-04-14 03:57:05 ----D---- C:\Windows\SysWOW64
2016-04-14 03:56:59 ----D---- C:\Windows\SYSWOW64\en-US
2016-04-14 03:56:58 ----D---- C:\Windows\system32\en-US
2016-04-14 03:56:58 ----D---- C:\Windows\system32\drivers
2016-04-14 03:56:57 ----D---- C:\Windows\AppPatch
2016-04-14 03:56:56 ----D---- C:\Windows\system32\Boot
2016-04-14 03:56:55 ----D---- C:\Windows\SYSWOW64\wbem
2016-04-14 03:56:55 ----D---- C:\Windows\system32\wbem
2016-04-14 03:56:55 ----D---- C:\Windows\system32\drivers\en-US
2016-04-14 03:56:55 ----D---- C:\Windows\system32\appraiser
2016-04-14 03:56:55 ----D---- C:\Windows\Logs
2016-04-14 03:56:51 ----D---- C:\Windows\SYSWOW64\sk-SK
2016-04-14 03:56:51 ----D---- C:\Windows\system32\sk-SK
2016-04-14 03:56:51 ----D---- C:\Program Files\Internet Explorer
2016-04-14 03:56:49 ----D---- C:\Program Files (x86)\Internet Explorer
2016-04-14 03:39:09 ----SHD---- C:\Windows\Installer
2016-04-14 03:29:38 ----D---- C:\ProgramData\Microsoft Help
2016-04-14 03:26:56 ----D---- C:\Windows\system32\MRT
2016-04-14 03:15:16 ----A---- C:\Windows\system32\MRT.exe
2016-04-13 06:47:57 ----D---- C:\Windows\system32\catroot2
2016-04-12 15:09:24 ----D---- C:\ProgramData\boost_interprocess
2016-04-08 06:40:18 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-04-06 10:18:38 ----N---- C:\Windows\system32\MpSigStub.exe
2016-03-25 04:01:12 ----SD---- C:\Windows\SYSWOW64\GWX
2016-03-25 04:01:12 ----SD---- C:\Windows\system32\GWX
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-10-02 16440]
R0 cm_km;Kaspersky Lab ZAO Cryptographic Module x64 (Weak); C:\Windows\system32\DRIVERS\cm_km.sys [2015-07-06 389816]
R0 KL1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2015-06-22 478392]
R0 klbackupdisk;Kaspersky Lab klbackupdisk; C:\Windows\system32\DRIVERS\klbackupdisk.sys [2015-06-06 53432]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 klbackupflt;Kaspersky Lab klbackupflt; C:\Windows\system32\DRIVERS\klbackupflt.sys [2015-06-27 70000]
R1 klhk;Kaspersky Lab service driver; C:\Windows\system32\DRIVERS\klhk.sys [2015-10-23 227000]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2016-03-01 934808]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2015-06-11 39096]
R1 klpd;Kaspersky Lab format recognizer driver; C:\Windows\system32\DRIVERS\klpd.sys [2015-10-23 41352]
R1 kltdi;kltdi; C:\Windows\system32\DRIVERS\kltdi.sys [2015-06-11 65208]
R1 Klwtp;Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [2015-06-16 103096]
R1 kneps;kneps; C:\Windows\system32\DRIVERS\kneps.sys [2015-06-23 187056]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-03 22576]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-03 20016]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-03 60464]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 kldisk;kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [2016-03-01 77728]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-06-11 1208320]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2009-10-02 6204928]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2009-10-02 142848]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-09-21 1537024]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2009-10-02 120336]
R3 DKbFltr;Dritek Keyboard Filter Driver (64-bit); C:\Windows\SysWOW64\Drivers\DKbFltr.sys [2009-03-26 25608]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-08-06 1974944]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2009-06-20 317480]
R3 klflt;Kaspersky Lab Kernel DLL; C:\Windows\system32\DRIVERS\klflt.sys [2015-10-23 181640]
R3 klkbdflt;Kaspersky Lab KLKBDFLT; C:\Windows\system32\DRIVERS\klkbdflt.sys [2015-06-06 41144]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2015-06-07 41648]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2009-05-06 18432]
R3 ROCKEYNT;Feitian ROCKEY4 Device Service; C:\Windows\system32\DRIVERS\Rockey4.sys [2012-03-14 25600]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-09-18 292912]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2009-05-06 16896]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-10-02 6204928]
S3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2009-06-10 1311232]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2009-07-02 52264]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-10-03 98344]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2009-08-29 132648]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-08 35104]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-08-29 21160]
S3 cxbu0x64;OMNIKEY 6121; C:\Windows\system32\DRIVERS\cxbu0x64.sys [2013-03-22 186880]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20); C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-06-20 54272]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 Rockey_USB;Feitian ROCKEY4 USB Service; C:\Windows\system32\DRIVERS\Rockey4USB.sys [2012-03-14 16384]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2009-09-02 225280]
S3 S3XXx64;SCR3xx USB SmartCardReader64; C:\Windows\system32\DRIVERS\S3XXx64.sys [2009-10-25 67840]
S3 SCR33X USB Smart Card Reader;SCR33X USB Smart Card Reader; C:\Windows\system32\DRIVERS\SCR33X2K.sys []
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 WinUsb;WinUSB Driver; C:\Windows\system32\drivers\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-14 82128]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agr64svc.exe [2009-03-28 16896]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-10-02 202752]
R2 AVP16.0.0;Služba Kaspersky Anti-Virus 16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\avp.exe [2015-08-21 194000]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-10-03 873248]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2009-10-01 844320]
R2 Greg_Service;GRegService; C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-09-25 62720]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-06-18 144640]
R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-08 269504]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-03-31 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-04-12 146888]
S3 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-09-11 305448]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-06-18 50432]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 vssbrigde64;vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\x64\vssbridge64.exe [2015-07-09 144640]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-22 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
-----------------EOF-----------------
Run by H2H at 2016-04-21 12:09:23
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 34 GB (12%) free of 293 GB
Total RAM: 3838 MB (58% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:10:11, on 21. 4. 2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18283)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\avpui.exe
C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
C:\Windows\PLFSetI.exe
C:\Users\H2H\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
C:\Users\H2H\AppData\Roaming\uTorrent\updates\3.4.6_42094\utorrentie.exe
C:\Users\H2H\AppData\Roaming\uTorrent\updates\3.4.6_42094\utorrentie.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
C:\Program Files\trend micro\H2H.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5t44n1t60q
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://un-stop.biz/wpad.dat?5be9e6cc2d1 ... f5d8780167
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll
O2 - BHO: Pomocník pri prihlasovaní v konte Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O2 - BHO: ScriptInjectionPluginBrowserHelperObject - {C66D064F-82FE-4E1A-B06A-B2490BA48B18} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\IEExt\ie_plugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O3 - Toolbar: Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\IEExt\ie_plugin.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [EgisTecLiveUpdate] "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
O4 - HKLM\..\Run: [WheelMouse] C:\Program Files (x86)\A4Tech\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Users\H2H\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {4C3CEE0B-4F2F-44C3-9586-4368F3200143} (ICApki Class) - https://moja.tatrabanka.sk/ibanking/ICApki.dll
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/tri ... /wrc32.ocx
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Služba Kaspersky Anti-Virus 16.0.0 (AVP16.0.0) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\avp.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Print Spooler (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vssbrigde64 - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\x64\vssbridge64.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12439 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
taskeng.exe {FA5C0487-BF20-45CB-BFD1-A9127832AA10}
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\LSI SoftModem\agr64svc.exe"
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\avp.exe" -r
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"
"C:\Program Files (x86)\Acer\Registration\GregHSRW.exe"
C:\Windows\system32\msiexec.exe /V
"C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe"
"C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2216
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\avpui.exe" -hidden
taskeng.exe {10CB5C72-50B3-424F-9764-AEA35B0EAF42}
"C:\Windows\system32\GWX\GWX.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\notepad.exe" C:\_OTM\MovedFiles\04212016_115612.log
"C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\PLFSetI.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
"C:\Users\H2H\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe"
"C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
"C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Users\H2H\AppData\Roaming\uTorrent\updates\3.4.6_42094\utorrentie.exe" uTorrent_4560_03BA26C0_244879361 µTorrent4823DF041B09 uTorrent
"C:\Users\H2H\AppData\Roaming\uTorrent\updates\3.4.6_42094\utorrentie.exe" uTorrent_4560_03BA2770_1134793944 µTorrent4823DF041B09 uTorrent
"C:\Program Files (x86)\Launch Manager\LManager.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
"C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
"C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
taskhost.exe $(Arg0)
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
"C:\Users\H2H\Desktop\RSITx64(4).exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\H2H\AppData\Roaming\Mozilla\Firefox\Profiles\m9kqbrpg.default
prefs.js - "extensions.enabledItems" - "{B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1, onair_FM@marek.chrenko.net:3.5.1, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, linkfilter@kaspersky.ru:11.0.1.400, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.213 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.71.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_71\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.71.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_71\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@mcafee.com/McAfeeMssPlugin]
"Description"=McAfee Mss Plugin
"Path"=C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.213 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll
C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
nppdf32.SKY
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2015-12-17 162528]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C66D064F-82FE-4E1A-B06A-B2490BA48B18}]
Kaspersky Protection plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\x64\IEExt\ie_plugin.dll [2015-10-23 800216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2015-12-17 162528]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll [2016-01-29 460384]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v konte Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08 141192]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C66D064F-82FE-4E1A-B06A-B2490BA48B18}]
Kaspersky Protection plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\IEExt\ie_plugin.dll [2015-10-23 584664]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-01-29 172640]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08 141192]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2015-12-17 162528]
{3507FA00-ADA2-4A02-99B9-51AD26CA9120} - Kaspersky Protection toolbar - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\x64\IEExt\ie_plugin.dll [2015-10-23 800216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08 141192]
{3507FA00-ADA2-4A02-99B9-51AD26CA9120} - Kaspersky Protection toolbar - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\IEExt\ie_plugin.dll [2015-10-23 584664]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"mwlDaemon"=C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [2009-09-11 349480]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-08-06 8060960]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-09-18 1842472]
"PLFSetI"=C:\Windows\PLFSetI.exe [2009-11-21 200704]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-04-03 320512]
"Acer ePower Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2009-10-01 823840]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27 558496]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=C:\Users\H2H\AppData\Roaming\uTorrent\uTorrent.exe [2016-04-07 1959424]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2013-05-08 41056]
"BackupManagerTray"=C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2009-09-25 261888]
"EgisTecLiveUpdate"=C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [2009-08-04 199464]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-09-09 98304]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2009-11-02 1094736]
"ArcadeDeluxeAgent"=C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [2009-10-07 419112]
"PlayMovie"=C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [2009-10-06 181480]
"WheelMouse"=C:\Program Files (x86)\A4Tech\Mouse\Amoumain.exe [2005-12-14 176128]
""= []
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [2015-12-18 3498720]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14 1085656]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
wlnotify.dll []
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoDriveTypeAutoRun"=28
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"VIDC.ACDV"=ACDV.dll
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-04-21 11:45:18 ----D---- C:\_OTM
2016-04-19 16:39:31 ----D---- C:\rsit
2016-04-14 03:13:27 ----SHD---- C:\Config.Msi
2016-04-13 06:51:03 ----A---- C:\Windows\system32\mtxoci.dll
2016-04-13 06:51:02 ----A---- C:\Windows\SYSWOW64\mtxoci.dll
2016-04-13 06:51:02 ----A---- C:\Windows\SYSWOW64\msorcl32.dll
2016-04-13 06:50:52 ----A---- C:\Windows\system32\rpcss.dll
2016-04-13 06:50:51 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2016-04-13 06:50:51 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2016-04-13 06:50:51 ----A---- C:\Windows\system32\msxml3r.dll
2016-04-13 06:50:51 ----A---- C:\Windows\system32\msxml3.dll
2016-04-13 06:50:45 ----A---- C:\Windows\SYSWOW64\ole32.dll
2016-04-13 06:50:45 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-04-13 06:50:45 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-04-13 06:50:45 ----A---- C:\Windows\system32\ole32.dll
2016-04-13 06:50:45 ----A---- C:\Windows\system32\lsasrv.dll
2016-04-13 06:50:44 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-04-13 06:50:43 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-04-13 06:50:43 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-04-13 06:50:43 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-04-13 06:50:43 ----A---- C:\Windows\system32\smss.exe
2016-04-13 06:50:43 ----A---- C:\Windows\system32\schannel.dll
2016-04-13 06:50:43 ----A---- C:\Windows\system32\rpcrt4.dll
2016-04-13 06:50:43 ----A---- C:\Windows\system32\ntdll.dll
2016-04-13 06:50:43 ----A---- C:\Windows\system32\kernel32.dll
2016-04-13 06:50:43 ----A---- C:\Windows\system32\kerberos.dll
2016-04-13 06:50:43 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-04-13 06:50:43 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-04-13 06:50:43 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-04-13 06:50:43 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-04-13 06:50:43 ----A---- C:\Windows\system32\certcli.dll
2016-04-13 06:50:43 ----A---- C:\Windows\system32\advapi32.dll
2016-04-13 06:50:42 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-04-13 06:50:42 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-04-13 06:50:42 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-04-13 06:50:42 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-04-13 06:50:42 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-04-13 06:50:42 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-04-13 06:50:42 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-04-13 06:50:42 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-04-13 06:50:42 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-04-13 06:50:42 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\wow64win.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\wow64cpu.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\wow64.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\winsrv.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\wdigest.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\TSpkg.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\sspisrv.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\sspicli.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\srcore.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\srclient.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\secur32.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\rpchttp.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\ncrypt.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\msv1_0.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\lsass.exe
2016-04-13 06:50:42 ----A---- C:\Windows\system32\KernelBase.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-04-13 06:50:42 ----A---- C:\Windows\system32\drivers\appid.sys
2016-04-13 06:50:42 ----A---- C:\Windows\system32\csrsrv.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\cryptbase.dll
2016-04-13 06:50:42 ----A---- C:\Windows\system32\conhost.exe
2016-04-13 06:50:42 ----A---- C:\Windows\system32\appidapi.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-04-13 06:50:41 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-04-13 06:50:41 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-04-13 06:50:41 ----A---- C:\Windows\SYSWOW64\user.exe
2016-04-13 06:50:41 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-04-13 06:50:41 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-04-13 06:50:41 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-04-13 06:50:41 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-04-13 06:50:41 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-04-13 06:50:41 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-04-13 06:50:41 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-04-13 06:50:41 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-04-13 06:50:41 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-04-13 06:50:41 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-04-13 06:50:41 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-04-13 06:50:41 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-04-13 06:50:41 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-04-13 06:50:41 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-04-13 06:50:41 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-04-13 06:50:41 ----A---- C:\Windows\system32\rstrui.exe
2016-04-13 06:50:41 ----A---- C:\Windows\system32\ntvdm64.dll
2016-04-13 06:50:41 ----A---- C:\Windows\system32\msobjs.dll
2016-04-13 06:50:41 ----A---- C:\Windows\system32\msaudite.dll
2016-04-13 06:50:41 ----A---- C:\Windows\system32\credssp.dll
2016-04-13 06:50:41 ----A---- C:\Windows\system32\auditpol.exe
2016-04-13 06:50:41 ----A---- C:\Windows\system32\appidsvc.dll
2016-04-13 06:50:41 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-04-13 06:50:41 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-04-13 06:50:41 ----A---- C:\Windows\system32\apisetschema.dll
2016-04-13 06:50:41 ----A---- C:\Windows\system32\adtschema.dll
2016-04-13 06:50:16 ----A---- C:\Windows\system32\drivers\disk.sys
2016-04-13 06:50:15 ----A---- C:\Windows\system32\win32k.sys
2016-04-13 06:50:12 ----A---- C:\Windows\system32\tbs.dll
2016-04-13 06:50:12 ----A---- C:\Windows\system32\fveapi.dll
2016-04-13 06:50:11 ----A---- C:\Windows\SYSWOW64\tbs.dll
2016-04-13 06:50:11 ----A---- C:\Windows\system32\fveapibase.dll
2016-04-13 06:50:00 ----A---- C:\Windows\system32\invagent.dll
2016-04-13 06:50:00 ----A---- C:\Windows\system32\generaltel.dll
2016-04-13 06:50:00 ----A---- C:\Windows\system32\devinv.dll
2016-04-13 06:50:00 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-04-13 06:50:00 ----A---- C:\Windows\system32\appraiser.dll
2016-04-13 06:50:00 ----A---- C:\Windows\system32\aepic.dll
2016-04-13 06:50:00 ----A---- C:\Windows\system32\aeinv.dll
2016-04-13 06:50:00 ----A---- C:\Windows\system32\acmigration.dll
2016-04-13 06:49:57 ----A---- C:\Windows\SYSWOW64\samlib.dll
2016-04-13 06:49:57 ----A---- C:\Windows\system32\samsrv.dll
2016-04-13 06:49:57 ----A---- C:\Windows\system32\samlib.dll
2016-04-13 06:41:19 ----A---- C:\Windows\SYSWOW64\tzres.dll
2016-04-13 06:41:19 ----A---- C:\Windows\system32\tzres.dll
2016-04-13 06:40:25 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-04-13 06:40:25 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-04-13 06:40:25 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-04-13 06:40:25 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-04-13 06:40:25 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-04-13 06:40:25 ----A---- C:\Windows\system32\iernonce.dll
2016-04-13 06:40:25 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-04-13 06:40:25 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-04-13 06:40:24 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-04-13 06:40:24 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-04-13 06:40:24 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-04-13 06:40:24 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-04-13 06:40:24 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-04-13 06:40:24 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-04-13 06:40:24 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-04-13 06:40:24 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-04-13 06:40:24 ----A---- C:\Windows\system32\inseng.dll
2016-04-13 06:40:24 ----A---- C:\Windows\system32\ie4uinit.exe
2016-04-13 06:40:23 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-04-13 06:40:21 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-04-13 06:40:21 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-04-13 06:40:21 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-04-13 06:40:21 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-04-13 06:40:21 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-04-13 06:40:21 ----A---- C:\Windows\system32\urlmon.dll
2016-04-13 06:40:21 ----A---- C:\Windows\system32\occache.dll
2016-04-13 06:40:21 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-04-13 06:40:21 ----A---- C:\Windows\system32\iedkcs32.dll
2016-04-13 06:40:20 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-04-13 06:40:20 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-04-13 06:40:20 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-04-13 06:40:20 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-04-13 06:40:20 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-04-13 06:40:20 ----A---- C:\Windows\system32\msfeeds.dll
2016-04-13 06:40:20 ----A---- C:\Windows\system32\dxtrans.dll
2016-04-13 06:40:19 ----A---- C:\Windows\system32\iesetup.dll
2016-04-13 06:40:19 ----A---- C:\Windows\system32\ieapfltr.dll
2016-04-13 06:40:17 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-04-13 06:40:17 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-04-13 06:40:17 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-04-13 06:40:17 ----A---- C:\Windows\system32\vbscript.dll
2016-04-13 06:40:17 ----A---- C:\Windows\system32\iertutil.dll
2016-04-13 06:40:16 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-04-13 06:40:16 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-04-13 06:40:16 ----A---- C:\Windows\system32\jsproxy.dll
2016-04-13 06:40:15 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-04-13 06:40:15 ----A---- C:\Windows\system32\dxtmsft.dll
2016-04-13 06:40:14 ----A---- C:\Windows\system32\ieui.dll
2016-04-13 06:40:14 ----A---- C:\Windows\system32\ieframe.dll
2016-04-13 06:40:13 ----A---- C:\Windows\system32\webcheck.dll
2016-04-13 06:40:13 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-04-13 06:40:13 ----A---- C:\Windows\system32\mshtmled.dll
2016-04-13 06:40:13 ----A---- C:\Windows\system32\jscript.dll
2016-04-13 06:40:13 ----A---- C:\Windows\system32\ieUnatt.exe
2016-04-13 06:40:12 ----A---- C:\Windows\system32\wininet.dll
2016-04-13 06:40:12 ----A---- C:\Windows\system32\jscript9diag.dll
2016-04-13 06:40:12 ----A---- C:\Windows\system32\jscript9.dll
2016-04-13 06:40:11 ----A---- C:\Windows\system32\msrating.dll
2016-04-13 06:40:11 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-04-13 06:40:10 ----A---- C:\Windows\system32\mshtml.dll
2016-04-12 10:01:53 ----D---- C:\Program Files (x86)\Mozilla Firefox
======List of files/folders modified in the last 1 month======
2016-04-21 12:09:54 ----D---- C:\Program Files\trend micro
2016-04-21 12:09:53 ----D---- C:\Windows\Temp
2016-04-21 12:07:54 ----D---- C:\Windows\system32\DriverStore
2016-04-21 12:07:22 ----D---- C:\Users\H2H\AppData\Roaming\uTorrent
2016-04-21 12:05:41 ----D---- C:\ProgramData\Kaspersky Lab
2016-04-21 12:05:40 ----D---- C:\Windows\system32\config
2016-04-21 12:04:55 ----SHD---- C:\System Volume Information
2016-04-20 08:19:58 ----D---- C:\Windows\winsxs
2016-04-20 08:06:28 ----D---- C:\AdwCleaner
2016-04-19 16:57:23 ----D---- C:\Users\H2H\AppData\Roaming\vlc
2016-04-15 16:50:29 ----D---- C:\Windows\inf
2016-04-15 16:49:42 ----D---- C:\Windows
2016-04-15 16:49:21 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-04-15 16:43:40 ----RD---- C:\Program Files (x86)
2016-04-15 16:28:07 ----D---- C:\Windows\debug
2016-04-14 10:28:12 ----D---- C:\Windows\rescache
2016-04-14 09:05:12 ----A---- C:\Windows\wininit.ini
2016-04-14 04:24:25 ----D---- C:\Windows\Microsoft.NET
2016-04-14 04:21:17 ----RSD---- C:\Windows\assembly
2016-04-14 04:08:25 ----D---- C:\Windows\System32
2016-04-14 04:08:25 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-04-14 04:01:42 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2016-04-14 03:57:05 ----D---- C:\Windows\SysWOW64
2016-04-14 03:56:59 ----D---- C:\Windows\SYSWOW64\en-US
2016-04-14 03:56:58 ----D---- C:\Windows\system32\en-US
2016-04-14 03:56:58 ----D---- C:\Windows\system32\drivers
2016-04-14 03:56:57 ----D---- C:\Windows\AppPatch
2016-04-14 03:56:56 ----D---- C:\Windows\system32\Boot
2016-04-14 03:56:55 ----D---- C:\Windows\SYSWOW64\wbem
2016-04-14 03:56:55 ----D---- C:\Windows\system32\wbem
2016-04-14 03:56:55 ----D---- C:\Windows\system32\drivers\en-US
2016-04-14 03:56:55 ----D---- C:\Windows\system32\appraiser
2016-04-14 03:56:55 ----D---- C:\Windows\Logs
2016-04-14 03:56:51 ----D---- C:\Windows\SYSWOW64\sk-SK
2016-04-14 03:56:51 ----D---- C:\Windows\system32\sk-SK
2016-04-14 03:56:51 ----D---- C:\Program Files\Internet Explorer
2016-04-14 03:56:49 ----D---- C:\Program Files (x86)\Internet Explorer
2016-04-14 03:39:09 ----SHD---- C:\Windows\Installer
2016-04-14 03:29:38 ----D---- C:\ProgramData\Microsoft Help
2016-04-14 03:26:56 ----D---- C:\Windows\system32\MRT
2016-04-14 03:15:16 ----A---- C:\Windows\system32\MRT.exe
2016-04-13 06:47:57 ----D---- C:\Windows\system32\catroot2
2016-04-12 15:09:24 ----D---- C:\ProgramData\boost_interprocess
2016-04-08 06:40:18 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-04-06 10:18:38 ----N---- C:\Windows\system32\MpSigStub.exe
2016-03-25 04:01:12 ----SD---- C:\Windows\SYSWOW64\GWX
2016-03-25 04:01:12 ----SD---- C:\Windows\system32\GWX
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-10-02 16440]
R0 cm_km;Kaspersky Lab ZAO Cryptographic Module x64 (Weak); C:\Windows\system32\DRIVERS\cm_km.sys [2015-07-06 389816]
R0 KL1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2015-06-22 478392]
R0 klbackupdisk;Kaspersky Lab klbackupdisk; C:\Windows\system32\DRIVERS\klbackupdisk.sys [2015-06-06 53432]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 klbackupflt;Kaspersky Lab klbackupflt; C:\Windows\system32\DRIVERS\klbackupflt.sys [2015-06-27 70000]
R1 klhk;Kaspersky Lab service driver; C:\Windows\system32\DRIVERS\klhk.sys [2015-10-23 227000]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2016-03-01 934808]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2015-06-11 39096]
R1 klpd;Kaspersky Lab format recognizer driver; C:\Windows\system32\DRIVERS\klpd.sys [2015-10-23 41352]
R1 kltdi;kltdi; C:\Windows\system32\DRIVERS\kltdi.sys [2015-06-11 65208]
R1 Klwtp;Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [2015-06-16 103096]
R1 kneps;kneps; C:\Windows\system32\DRIVERS\kneps.sys [2015-06-23 187056]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-03 22576]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-03 20016]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-03 60464]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 kldisk;kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [2016-03-01 77728]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-06-11 1208320]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2009-10-02 6204928]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2009-10-02 142848]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-09-21 1537024]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2009-10-02 120336]
R3 DKbFltr;Dritek Keyboard Filter Driver (64-bit); C:\Windows\SysWOW64\Drivers\DKbFltr.sys [2009-03-26 25608]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-08-06 1974944]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2009-06-20 317480]
R3 klflt;Kaspersky Lab Kernel DLL; C:\Windows\system32\DRIVERS\klflt.sys [2015-10-23 181640]
R3 klkbdflt;Kaspersky Lab KLKBDFLT; C:\Windows\system32\DRIVERS\klkbdflt.sys [2015-06-06 41144]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2015-06-07 41648]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2009-05-06 18432]
R3 ROCKEYNT;Feitian ROCKEY4 Device Service; C:\Windows\system32\DRIVERS\Rockey4.sys [2012-03-14 25600]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-09-18 292912]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2009-05-06 16896]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-10-02 6204928]
S3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2009-06-10 1311232]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2009-07-02 52264]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-10-03 98344]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2009-08-29 132648]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-08 35104]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-08-29 21160]
S3 cxbu0x64;OMNIKEY 6121; C:\Windows\system32\DRIVERS\cxbu0x64.sys [2013-03-22 186880]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20); C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-06-20 54272]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 Rockey_USB;Feitian ROCKEY4 USB Service; C:\Windows\system32\DRIVERS\Rockey4USB.sys [2012-03-14 16384]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2009-09-02 225280]
S3 S3XXx64;SCR3xx USB SmartCardReader64; C:\Windows\system32\DRIVERS\S3XXx64.sys [2009-10-25 67840]
S3 SCR33X USB Smart Card Reader;SCR33X USB Smart Card Reader; C:\Windows\system32\DRIVERS\SCR33X2K.sys []
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 WinUsb;WinUSB Driver; C:\Windows\system32\drivers\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-14 82128]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agr64svc.exe [2009-03-28 16896]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-10-02 202752]
R2 AVP16.0.0;Služba Kaspersky Anti-Virus 16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\avp.exe [2015-08-21 194000]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-10-03 873248]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2009-10-01 844320]
R2 Greg_Service;GRegService; C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-09-25 62720]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-06-18 144640]
R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-08 269504]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-03-31 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-04-12 146888]
S3 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-09-11 305448]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-06-18 50432]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 vssbrigde64;vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\x64\vssbridge64.exe [2015-07-09 144640]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-22 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
-----------------EOF-----------------
- Rudy
- Site Admin

Re: Slow notebook
Deleted. Run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Slow notebook
I thought it was OK, but random pages keep opening in Mozilla...
- Rudy
- Site Admin

Re: Slow notebook
Please also run the following scans:
1. Download Zoek.exe from http://hijackthis.nl/smeenk/ and save it to the desktop
If you are using Windows Vista or Windows 7, right-click Zoek and choose Run As Administrator
Paste the script below into the window
autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;
Then click Run Script
The PC will perform the repair, restart, and give you a log; paste its contents here.
and
2. Junkware Removal Tool: http://thisisudax.org/downloads/JRT.exe
• Save it, preferably to the desktop
• After launch, the license terms are displayed; press any key
• A backup is created, followed by the scan
• The scan runs and then a log appears, or it is saved in c:\JRT as JRT.txt; paste it here.
Re: Slow notebook
I managed to run Zoek twice... I'm attaching both logs:
Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by H2H on çt 28. 04. 2016 at 10:46:31,14.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\H2H\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
28. 4. 2016 10:49:17 Zoek.exe System Restore Point Created Successfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Empty Folders Check ======================
C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\Program Files\Google deleted successfully
C:\PROGRA~3\WinZipEC deleted successfully
C:\Users\H2H\AppData\Roaming\DassaultSystemes deleted successfully
C:\Windows\serviceprofiles\Localservice\AppData\Roaming\PeerNetworking deleted successfully
C:\Users\H2H\AppData\Local\DassaultSystemes deleted successfully
C:\Users\H2H\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\H2H\AppData\Local\EmieSiteList deleted successfully
C:\Users\H2H\AppData\Local\EmieUserList deleted successfully
C:\Users\H2H\AppData\Local\WinZip Courier deleted successfully
C:\Users\TUN\AppData\Local\VirtualStore deleted successfully
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\H2H\AppData\Roaming\Mozilla\Firefox\Profiles\m9kqbrpg.default\prefs.js:
Added to C:\Users\H2H\AppData\Roaming\Mozilla\Firefox\Profiles\m9kqbrpg.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
Deleted from C:\Users\H2H\AppData\Roaming\Thunderbird\Profiles\i7ctiuvv.default\prefs.js:
Added to C:\Users\H2H\AppData\Roaming\Thunderbird\Profiles\i7ctiuvv.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
Deleted from C:\Users\TUN\AppData\Roaming\Mozilla\Firefox\Profiles\8y1rhg4g.default\prefs.js:
Added to C:\Users\TUN\AppData\Roaming\Mozilla\Firefox\Profiles\8y1rhg4g.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
ProfilePath: C:\Users\H2H\AppData\Roaming\Mozilla\Firefox\Profiles\m9kqbrpg.default
user.js not found
---- FireFox user.js and prefs.js backups ----
prefs_201628.04._1203_.backup
ProfilePath: C:\Users\H2H\AppData\Roaming\Thunderbird\Profiles\i7ctiuvv.default
user.js not found
---- FireFox user.js and prefs.js backups ----
prefs_201628.04._1203_.backup
ProfilePath: C:\Users\TUN\AppData\Roaming\Mozilla\Firefox\Profiles\8y1rhg4g.default
user.js not found
---- FireFox user.js and prefs.js backups ----
prefs_201628.04._1203_.backup
==== Batch Command(s) Run By Tool======================
C:\Windows\system32\appdata deleted
==== Deleting Files \ Folders ======================
C:\PROGRA~2\Windows Live SkyDrive deleted
C:\Windows\syswow64\appdata deleted
C:\extensions.sqlite deleted
C:\Users\H2H\AppData\Roaming\GetRightToGo deleted
C:\Windows\wininit.ini deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Users\H2H\AppData\Roaming\Mozilla\Firefox\Profiles\m9kqbrpg.default\CT2481032 deleted
==== Orphaned Tasks deleted from Registry ======================
Search-Protect deleted
==== Firefox Start and Search pages ======================
ProfilePath: C:\Users\H2H\AppData\Roaming\Mozilla\Firefox\Profiles\m9kqbrpg.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
ProfilePath: C:\Users\H2H\AppData\Roaming\Thunderbird\Profiles\i7ctiuvv.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
ProfilePath: C:\Users\TUN\AppData\Roaming\Mozilla\Firefox\Profiles\8y1rhg4g.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\FFExt\light_plugin_firefox" [01. 03. 2016 14:30]
==== Firefox Extensions ======================
ProfilePath: C:\Users\H2H\AppData\Roaming\Mozilla\Firefox\Profiles\m9kqbrpg.default
- Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\FFExt\light_plugin_firefox
ProfilePath: C:\Users\H2H\AppData\Roaming\Thunderbird\Profiles\i7ctiuvv.default
- Lightning - %ProfilePath%\extensions\{e2fda1a4-762b-4020-b5ad-a41df1933103}
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
==== Firefox Plugins ======================
Profilepath: C:\Users\H2H\AppData\Roaming\Mozilla\Firefox\Profiles\m9kqbrpg.default
57C7E359ED8D049132EED23EFA444C63 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll - Shockwave Flash
==== Chromium Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
eahebamiopdhefndnmappcihfajigkka - https://chrome.google.com/webstore/deta ... ihfajigkka[]
efaidnbmnnnibpcajpcglclefindmkaj - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx[18. 12. 2015 00:27]
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.sk/"
"Default_Page_URL"="http://homepage.acer.com/rdr.aspx?b=ACA ... 5t44n1t60q"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.sk/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
==== All HKLM and HKCU SearchScopes ======================
HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchT ... urceid=ie7
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} - http://www.google.com/search?sourceid=i ... lz=1I7ACAW
HKLM\Wow6432Node\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchT ... urceid=ie7
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
HKCU\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} - http://www.google.com/search?sourceid=i ... AW_skSK385
HKCU\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchT ... urceid=ie7
HKCU\Wow6432Node\SearchScopes "DefaultScope"=""
HKCU\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
==== Reset Google Chrome ======================
Nothing found to reset
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\H2H\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
C:\Users\H2H\AppData\Local\Mozilla\Firefox\Profiles\m9kqbrpg.default\cache2 emptied successfully
==== Empty Chrome Cache ======================
No Chrome User Data found
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by H2H on çt 28. 04. 2016 at 14:19:33,98.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\H2H\Desktop\zoek.exe [Scan all users] [Script inserted]
==== Older Logs ======================
C:\zoek-results2016-04-28-103559.log 10695 bytes
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\H2H\AppData\Roaming\Mozilla\Firefox\Profiles\m9kqbrpg.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
Added to C:\Users\H2H\AppData\Roaming\Mozilla\Firefox\Profiles\m9kqbrpg.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
Deleted from C:\Users\H2H\AppData\Roaming\Thunderbird\Profiles\i7ctiuvv.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
Added to C:\Users\H2H\AppData\Roaming\Thunderbird\Profiles\i7ctiuvv.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
Deleted from C:\Users\TUN\AppData\Roaming\Mozilla\Firefox\Profiles\8y1rhg4g.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
Added to C:\Users\TUN\AppData\Roaming\Mozilla\Firefox\Profiles\8y1rhg4g.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Firefox Start and Search pages ======================
ProfilePath: C:\Users\H2H\AppData\Roaming\Mozilla\Firefox\Profiles\m9kqbrpg.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
ProfilePath: C:\Users\H2H\AppData\Roaming\Thunderbird\Profiles\i7ctiuvv.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
ProfilePath: C:\Users\TUN\AppData\Roaming\Mozilla\Firefox\Profiles\8y1rhg4g.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\FFExt\light_plugin_firefox" [01. 03. 2016 14:30]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.6 (04.25.2016)
Operating System: Windows 7 Home Premium x64
Ran by H2H (Administrator) on pi 29. 04. 2016 at 9:17:16,00
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 0
Registry: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on pi 29. 04. 2016 at 9:21:35,34
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- Rudy
- Site Admin
- Posts: 119673
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Slow notebook
I apologize, your thread somehow slipped past me.
How does it look now?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Slow notebook
Definitely better, thanks!
I don't know whether I should try anything else; if, judging from the scan results I sent, you think this is sufficient, we can close it.
In any case, thank you very much for your help!
- Rudy
- Site Admin
Re: Slow notebook
I don't think anything else is needed. If anything turns up, get in touch. You're welcome!