I am asking you for help.
Here is the log:
Logfile of random's system information tool 1.16 (written by random/random)
Run by Janka at 2017-10-29 21:20:54
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 418 GB (44%) free of 954 GB
Total RAM: 2046 MB (28% free)
X86
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:24:15, on 29.10.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18817)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\DAODx.exe
C:\Program Files\ASUS\TurboV EVO\TurboV_EVO.exe
C:\Program Files\ASUS\EPU\EPU.exe
C:\Program Files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\ASUS\TurboV EVO\TurboVHELP.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Logitech\Logitech Vid\Vid.exe
C:\Program Files\VoipConnect.com\VoipConnect\voipconnect.exe
C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\msfeedssync.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\avpui.exe
C:\Program Files\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksdeui.exe
C:\Users\Janka\Downloads\RSIT(2).exe
C:\Program Files\trend micro\Janka_RSIT(2).exe
C:\Windows\system32\SearchFilterHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/?pc=COSP&ptag=D1029 ... =CT3335827
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: ScriptInjectionPluginBrowserHelperObject - {0E2877D3-2641-4970-B794-A553E295428D} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\IEExt\ie_plugin.dll
O2 - BHO: RoboForm BHO - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: (no name) - {ce18769b-c7fa-42d2-860d-17c4662c70ad} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll
O3 - Toolbar: &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: Kaspersky Protection Toolbar - {4853DF44-7D6B-48E9-9258-D800EEE54AF6} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\IEExt\ie_plugin.dll
O4 - HKLM\..\Run: [TurboV EVO] "C:\Program Files\ASUS\TurboV EVO\TurboV_EVO.exe" -b
O4 - HKLM\..\Run: [Six Engine] "C:\Program Files\ASUS\EPU\EPU.exe" -b
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKCU\..\Run: [Logitech Vid] "C:\Program Files\Logitech\Logitech Vid\vid.exe" -bootmode
O4 - HKCU\..\Run: [VoipConnect] "C:\Program Files\VoipConnect.com\VoipConnect\voipconnect.exe" -nosplash -minimized
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [McAfeeSafeConnect] C:\Program Files\McAfee Safe Connect\McAfee Safe Connect.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [Web Companion] C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')
O8 - Extra context menu item: RF - Formular ausfüllen - file://C:/Program Files/Siber Systems/AI RoboForm/RoboFormComFillForms.html
O8 - Extra context menu item: RF - Formular speichern - file://C:/Program Files/Siber Systems/AI RoboForm/RoboFormComSavePass.html
O8 - Extra context menu item: RF - Menü anpassen - file://C:/Program Files/Siber Systems/AI RoboForm/RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: RF - RoboForm-Leiste ein/aus - file://C:/Program Files/Siber Systems/AI RoboForm/RoboFormComShowToolbar.html
O9 - Extra button: Ausfüllen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: RF - Formular ausfüllen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Speichern - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: RF - Formular speichern - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Symbolleiste anzeigen - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: RF - RoboForm-Leiste ein/aus - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - (no file)
O9 - Extra 'Tools' menuitem: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - (no file)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.webcompanion.com
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - ASUSTeK Computer Inc. - C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
O23 - Service: Kaspersky Anti-Virus Service 18.0.0 (AVP18.0.0) - AO Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\avp.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files\Ashampoo\Ashampoo WinOptimizer 7\Dfsdks.exe
O23 - Service: Kaspersky Secure Connection Service 2.0.0 (KSDE2.0.0) - AO Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: WC Assistant (WCAssistantService) - Unknown owner - C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
--
End of file - 8071 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Ad-Aware Update (Weekly).job - C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe update all silent
C:\Windows\system32\tasks\Ad-Aware Update (Weekly) - C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe update all silent
C:\Windows\system32\tasks\Adobe Acrobat Update Task - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\system32\tasks\Adobe Flash Player Updater - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\Windows\system32\tasks\Go to RoboForm Install page - C:\Windows\system32\rundll32.exe url.dll,FileProtocolHandler "http://www.roboform.com/test-pass.html? ... JNDJCMLJKJ"
C:\Windows\system32\tasks\Open URL by RoboForm - C:\Windows\system32\rundll32.exe url.dll,FileProtocolHandler "http://www.roboform.com/test-pass.html? ... JNDJCMLJKJ"
C:\Windows\system32\tasks\Run RoboForm TaskBar Icon - C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Windows\system32\tasks\User_Feed_Synchronization-{E5090322-D02E-48B0-8AEF-6ED93C2F75EC} - C:\Windows\system32\msfeedssync.exe sync
C:\Windows\system32\tasks\{120C3D70-711D-420F-941E-2972E767A77B} - C:\Windows\system32\pcalua.exe -a C:\PROGRA~1\Eurobarre\uninstall.exe
C:\Windows\system32\tasks\{15B4D01A-51EE-48DA-9642-CE2B400D3141} - C:\Program Files\Skype\Phone\Skype.exe
C:\Windows\system32\tasks\{2876E494-8D14-451A-BE6D-AAD3F395B07F} - C:\Windows\system32\pcalua.exe -a D:\SETUP.EXE -d D:\
C:\Windows\system32\tasks\{6D258A18-EBA6-45BC-8985-DF37A80BE25B} - "c:\program files\mozilla firefox\firefox.exe" http://ui.skype.com/ui/0/5.1.0.112/en/a ... tinstalled
C:\Windows\system32\tasks\{92E45DDF-733A-40BC-B2FE-B46D6B6FF608} - C:\Windows\system32\pcalua.exe -a D:\nVIDIA\Win7_Vista\Win7_Vista32\setup.exe -d D:\nVIDIA\Win7_Vista\Win7_Vista32
C:\Windows\system32\tasks\{A38D8170-A4A1-4EEE-924D-7F4E16EEC64C} - C:\Windows\system32\pcalua.exe -a C:\Users\Janka\Downloads\autobinarysea_de.exe -d C:\Users\Janka\Downloads
C:\Windows\system32\tasks\{AE2BF349-D337-44AB-936B-EE4F9E1B9FB4} - C:\Windows\system32\pcalua.exe -a C:\Users\Janka\Downloads\OOo_3.3.0_Win_x86_install-wJRE_de.exe -d "C:\Program Files\Mozilla Firefox"
C:\Windows\system32\tasks\{CCDA8473-4A74-4DEE-B54B-7FB17C72C45A} - C:\Windows\system32\pcalua.exe -a "C:\Program Files\TC UP\TC UP.exe" -d "C:\Program Files\TC UP"
C:\Windows\system32\tasks\Microsoft\Windows Defender\MP Scheduled Scan - c:\program files\windows defender\MpCmdRun.exe Scan -ScheduleJob -WinTask -RestrictPrivilegesScan
C:\Windows\system32\tasks\Microsoft\Windows Defender\MpIdleTask - c:\program files\windows defender\MpCmdRun.exe -IdleTask -TaskName MpIdleTask
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup - %systemroot%\system32\rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor - %systemroot%\system32\sdclt.exe /CHECKSKIPPED
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate_scheduled - %SystemRoot%\ehome\mcupdate -crl -hms -pscn 15
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\StartRecording - %SystemRoot%\ehome\ehrec /StartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\Windows\system32\tasks\ASUS\RunDAOD - C:\Windows\DAODx.exe
C:\Windows\system32\tasks\ASUS\TurboVHelp - C:\Program Files\ASUS\TurboV EVO\TurboVHELP.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\Janka\AppData\Roaming\Mozilla\Firefox\Profiles\ykofq2ca.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://hp.myway.com/funcustomcreations/ ... b&st&p2&si"
prefs.js - "extensions.enabledItems" - "{22119944-ED35-4ab1-910B-E619EA06A115}:6.9.98, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198, {ce18769b-c7fa-42d2-860d-17c4662c70ad}:2.7.2.0, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, KavAntiBanner@Kaspersky.ru:11.0.1.400, linkfilter@kaspersky.ru:11.0.1.400, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"
"{22119944-ED35-4ab1-910B-E619EA06A115}"=C:\Program Files\Siber Systems\AI RoboForm\Firefox\roboform.xpi
"light_plugin_448EC0843447455C9DA355B3C2811D6A@kaspersky.com"=C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\FFExt\light_plugin_firefox\addon.xpi
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 27.0.0.183 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_27_0_0_183.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5]
"Description"=Office Live Update v1.5
"Path"=C:\Program Files\Microsoft\Office Live\npOLW.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@MoneyMillionaire/npdf]
"Description"=npdf
"Path"=C:\ProgramData\Rabatt-Finder\FFExtension20140205062455\plugins\npdf.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.448]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\Win7codecs\rm\browser\plugins\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448]
"Description"=6.0.12.448
"Path"=C:\Program Files\Win7codecs\rm\browser\plugins\nprpjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@siber.com/RoboForm]
"Description"=
"Path"=C:\Program Files\Siber Systems\AI RoboForm\chrome\plugin\np-rf-plugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\plugins\
NPOFF12.DLL
nppdf32.DEU
nppdf32.dll
C:\Users\Janka\AppData\Roaming\Mozilla\Firefox\Profiles\ykofq2ca.default\extensions\
_efMembers_@free.funcustomcreations.com
C:\Users\Janka\AppData\Roaming\Mozilla\Firefox\Profiles\ykofq2ca.default\searchplugins\
bing-lavasoft.xml
C:\Users\Janka\AppData\Roaming\Mozilla\Firefox\Profiles\ykofq2ca.default\addons.json
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
C:\Users\Janka\AppData\Roaming\Mozilla\Firefox\Profiles\ykofq2ca.default\extensions.json
Firefox Hotfix - extension - firefox-hotfix@mozilla.org -
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} -
RoboForm Toolbar - extension - {22119944-ED35-4ab1-910B-E619EA06A115} -
RoboForm Toolbar - extension - {22119944-ED35-4ab1-910B-E619EA06A115} -
Search Anonymo - extension - @searchanonymo -
FunCustomCreations - extension - _efMembers_@free.funcustomcreations.com -
Multi-process staged rollout - extension - e10srollout@mozilla.org -
Pocket - extension - firefox@getpocket.com -
Web Compat - extension - webcompat@mozilla.org -
Application Update Service Helper - extension - aushelper@mozilla.org -
Firefox Screenshots - extension - screenshots@mozilla.org -
Click-to-Play staged rollout - extension - clicktoplay-rollout@mozilla.org -
Follow-on Search Telemetry - extension - followonsearch@mozilla.com -
Shield Recipe Client - extension - shield-recipe-client@mozilla.org -
Activity Stream - extension - activity-stream@mozilla.org -
Form Autofill - extension - formautofill@mozilla.org -
Photon onboarding - extension - onboarding@mozilla.org -
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} -
Shield Recipe Client - extension - shield-recipe-client@mozilla.org -
Kaspersky Protection - webextension - light_plugin_448EC0843447455C9DA355B3C2811D6A@kaspersky.com -
C:\Users\Janka\AppData\Roaming\Mozilla\Firefox\Profiles\ykofq2ca.default\pluginreg.dat
Plugin - Shockwave Flash - 27.0.0.183 - C:\Windows\system32\Macromed\Flash\NPSWF32_27_0_0_183.dll
=========Google Chrome=========
C:\Users\Janka\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aapocclcgogkmnckokdopfmhonfmgoek
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Store 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Google Docs 0.9
Extension apdfllckaahabafndbhieahigkjlhalf 1 Google Drive 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension coobgpohoikkiipiblmjeljniedjpjpf 1 Google-Suche 0.0.0.60
Extension dchlnpcodkpfdpacogkljefecpegganj 0 Modul zur Link-Untersuchung 13.0.1.4190
Extension dnhpdliibojhegemfjheidglijccjfmc hotword helper 0.0.2.0
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension ennkphjdgehloodpbhlhldgbnhmacadg Settings 0.2
Extension epadnjldocmkadjbopkanclaamocokoo 1 busuu.com (de) 2.0
Extension fcfenmboojpjinhpgggodefccipikbpd 2 MSN Homepage & Bing Search Engine 0.0.0.8
Extension felcaaldnbdncclmgdcncolpebgiejap
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Google Docs Offline 1.4
Extension hakdifolhalapjijoafobooafbilfakh 0 Sicherer Zahlungsverkehr 13.0.1.4190
Extension hghkgaeecgjhjkannahfamoehjmkjail 1 Modul für das Blockieren gefährlicher Webseiten 13.0.1.4190
Extension jagncdcchgajhfhijbbhecadmaiegcmh 1 Virtuelle Tastatur 13.0.1.4292
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.38
Extension kmhkepipobnjllejbafajoemahjejdcm 1 iGraal Cashback-Melder 2.0.5.0
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mfffpogegjflfpflabcdkioaeobkgjik GaiaAuthExtension 0.0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension nbpagnldghgfoolbancepceaanlmhfmd 1 Hotword triggering 0.0.1.4
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.0
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Chrome Web Store-Zahlungen 1.0.0.0
Extension oojdbjfeamokogkeipeejegidjceiaio 1 Spottster 22
Extension pafkbggdmjlpgkdkcbjmhmfcdpncadgh Google Now 1.2.0.1
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Google Mail 8.1
Extension pjldcfjmnllhmgjclecdnfampinooman 0 Anti-Banner 13.0.1.4190
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5216.530.0.15
Extension pnlccmojcmeohlpggmfnbbiapkmbliob 1 RoboForm Password Manager 7.9.21.5
Homepage: http://www.google.com/
default_search_provider.search_url:
C:\Users\Janka\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:
[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj]
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\mchjnmdbdlkdbfliogedbnpnanfjnolk]
"Path"=https://chrome.google.com/webstore/deta ... pnanfjnolk
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E2877D3-2641-4970-B794-A553E295428D}]
Kaspersky Protection - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\IEExt\ie_plugin.dll [2017-10-29 1150312]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}]
RoboForm Toolbar Helper - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll [2017-01-31 27789608]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-18 460712]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ce18769b-c7fa-42d2-860d-17c4662c70ad}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-18 172968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{724d43a0-0d85-11d4-9908-00400523e39a} - &RoboForm Toolbar - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll [2017-01-31 27789608]
{4853DF44-7D6B-48E9-9258-D800EEE54AF6} - Kaspersky Protection Toolbar - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\IEExt\ie_plugin.dll [2017-10-29 1150312]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"TurboV EVO"=C:\Program Files\ASUS\TurboV EVO\TurboV_EVO.exe [2010-04-07 9919104]
"Six Engine"=C:\Program Files\ASUS\EPU\EPU.exe [2010-03-16 5309056]
"NUSB3MON"=C:\Program Files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-01-22 106496]
"JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2010-01-19 43632]
"KiesTrayAgent"=C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [2015-07-27 311616]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Logitech Vid"=C:\Program Files\Logitech\Logitech Vid\vid.exe [2009-07-16 5458704]
"VoipConnect"=C:\Program Files\VoipConnect.com\VoipConnect\voipconnect.exe [2017-10-11 42303056]
"RoboForm"=C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2017-01-31 110376]
"McAfeeSafeConnect"=C:\Program Files\McAfee Safe Connect\McAfee Safe Connect.exe []
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2014-12-12 5489944]
"Web Companion"=C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe [2017-10-29 2546280]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveTrack"=1
"NoDriveTypeAutoRun"=60
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"VIDC.I420"=lvcodec2.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"MSVideo"=vfwwdm32.dll
"MSVideo8"=VfWWDM32.dll
"vidc.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3filter"=ac3filter.acm
"msacm.avis"=ff_acm.acm
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2017-10-29 19:33:30 ----A---- C:\Windows\system32\drivers\klif.sys
2017-10-29 19:33:30 ----A---- C:\Windows\system32\drivers\klhk.sys
2017-10-29 19:33:30 ----A---- C:\Windows\system32\drivers\klflt.sys
2017-10-29 19:30:42 ----D---- C:\Users\Janka\AppData\Roaming\Lavasoft
2017-10-29 19:30:25 ----D---- C:\Program Files\Lavasoft
2017-10-29 19:29:49 ----D---- C:\ProgramData\Kaspersky Lab Setup Files
2017-10-21 18:19:39 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2017-10-15 06:42:04 ----A---- C:\Windows\system32\drivers\kneps.sys
2017-10-15 06:42:04 ----A---- C:\Windows\system32\drivers\klwtp.sys
2017-10-15 06:42:04 ----A---- C:\Windows\system32\drivers\kltdi.sys
2017-10-15 06:42:04 ----A---- C:\Windows\system32\drivers\klpd.sys
2017-10-15 06:42:04 ----A---- C:\Windows\system32\drivers\klbackupflt.sys
2017-10-15 06:42:04 ----A---- C:\Windows\system32\drivers\klbackupdisk.sys
2017-10-11 07:58:30 ----AC---- C:\Windows\system32\MRT-KB890830.exe
2017-10-11 07:10:42 ----A---- C:\Windows\system32\mshtml.dll
2017-10-11 07:10:36 ----A---- C:\Windows\system32\ieframe.dll
2017-10-11 07:10:35 ----A---- C:\Windows\system32\jscript9.dll
2017-10-11 07:10:33 ----A---- C:\Windows\system32\wininet.dll
2017-10-11 07:10:33 ----A---- C:\Windows\system32\iertutil.dll
2017-10-11 07:10:32 ----A---- C:\Windows\system32\win32k.sys
2017-10-11 07:10:32 ----A---- C:\Windows\system32\urlmon.dll
2017-10-11 07:10:31 ----A---- C:\Windows\system32\rdpcore.dll
2017-10-11 07:10:31 ----A---- C:\Windows\system32\jscript.dll
2017-10-11 07:10:30 ----A---- C:\Windows\system32\vbscript.dll
2017-10-11 07:10:30 ----A---- C:\Windows\system32\tquery.dll
2017-10-11 07:10:30 ----A---- C:\Windows\system32\Query.dll
2017-10-11 07:10:30 ----A---- C:\Windows\system32\ntoskrnl.exe
2017-10-11 07:10:30 ----A---- C:\Windows\system32\drivers\ntfs.sys
2017-10-11 07:10:29 ----A---- C:\Windows\system32\ntkrnlpa.exe
2017-10-11 07:10:29 ----A---- C:\Windows\system32\msfeeds.dll
2017-10-11 07:10:29 ----A---- C:\Windows\system32\msexcl40.dll
2017-10-11 07:10:28 ----A---- C:\Windows\system32\msctf.dll
2017-10-11 07:10:28 ----A---- C:\Windows\system32\mf.dll
2017-10-11 07:10:28 ----A---- C:\Windows\system32\drivers\srv.sys
2017-10-11 07:10:28 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2017-10-11 07:10:27 ----A---- C:\Windows\system32\t2embed.dll
2017-10-11 07:10:27 ----A---- C:\Windows\system32\iedkcs32.dll
2017-10-11 07:10:27 ----A---- C:\Windows\system32\gdi32.dll
2017-10-11 07:10:27 ----A---- C:\Windows\system32\drivers\srv2.sys
2017-10-11 07:10:27 ----A---- C:\Windows\system32\drivers\nwifi.sys
2017-10-11 07:10:26 ----A---- C:\Windows\system32\wlansec.dll
2017-10-11 07:10:26 ----A---- C:\Windows\system32\themeui.dll
2017-10-11 07:10:26 ----A---- C:\Windows\system32\ntdll.dll
2017-10-11 07:10:26 ----A---- C:\Windows\system32\mswstr10.dll
2017-10-11 07:10:26 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2017-10-11 07:10:26 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2017-10-11 07:10:26 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2017-10-11 07:10:26 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2017-10-11 07:10:25 ----A---- C:\Windows\system32\wlansvc.dll
2017-10-11 07:10:25 ----A---- C:\Windows\system32\wlanmsm.dll
2017-10-11 07:10:25 ----A---- C:\Windows\system32\wlanhlp.dll
2017-10-11 07:10:25 ----A---- C:\Windows\system32\wlanapi.dll
2017-10-11 07:10:25 ----A---- C:\Windows\system32\webcheck.dll
2017-10-11 07:10:25 ----A---- C:\Windows\system32\msjint40.dll
2017-10-11 07:10:25 ----A---- C:\Windows\system32\dxtrans.dll
2017-10-11 07:10:24 ----A---- C:\Windows\system32\mshtmlmedia.dll
2017-10-11 07:10:24 ----A---- C:\Windows\system32\mshtmled.dll
2017-10-11 07:10:24 ----A---- C:\Windows\system32\ie4uinit.exe
2017-10-11 07:10:24 ----A---- C:\Windows\system32\icaapi.dll
2017-10-11 07:10:23 ----A---- C:\Windows\system32\rrinstaller.exe
2017-10-11 07:10:23 ----A---- C:\Windows\system32\mfps.dll
2017-10-11 07:10:23 ----A---- C:\Windows\system32\mfpmp.exe
2017-10-11 07:10:23 ----A---- C:\Windows\system32\ieapfltr.dll
2017-10-11 07:10:23 ----A---- C:\Windows\system32\drivers\srvnet.sys
2017-10-11 07:10:23 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2017-10-11 07:10:22 ----A---- C:\Windows\system32\smss.exe
2017-10-11 07:10:22 ----A---- C:\Windows\system32\rpcrt4.dll
2017-10-11 07:10:22 ----A---- C:\Windows\system32\kerberos.dll
2017-10-11 07:10:22 ----A---- C:\Windows\system32\ieui.dll
2017-10-11 07:10:22 ----A---- C:\Windows\system32\advapi32.dll
2017-10-11 07:10:20 ----A---- C:\Windows\system32\occache.dll
2017-10-11 07:10:20 ----A---- C:\Windows\system32\msv1_0.dll
2017-10-11 07:10:20 ----A---- C:\Windows\system32\mssvp.dll
2017-10-11 07:10:20 ----A---- C:\Windows\system32\mssrch.dll
2017-10-11 07:10:20 ----A---- C:\Windows\system32\msrating.dll
2017-10-11 07:10:20 ----A---- C:\Windows\system32\lsasrv.dll
2017-10-11 07:10:20 ----A---- C:\Windows\system32\jscript9diag.dll
2017-10-11 07:10:19 ----A---- C:\Windows\system32\wdigest.dll
2017-10-11 07:10:19 ----A---- C:\Windows\system32\TSpkg.dll
2017-10-11 07:10:19 ----A---- C:\Windows\system32\sspicli.dll
2017-10-11 07:10:19 ----A---- C:\Windows\system32\srcore.dll
2017-10-11 07:10:19 ----A---- C:\Windows\system32\schannel.dll
2017-10-11 07:10:19 ----A---- C:\Windows\system32\rpchttp.dll
2017-10-11 07:10:19 ----A---- C:\Windows\system32\ncrypt.dll
2017-10-11 07:10:19 ----A---- C:\Windows\system32\mssph.dll
2017-10-11 07:10:19 ----A---- C:\Windows\system32\MshtmlDac.dll
2017-10-11 07:10:19 ----A---- C:\Windows\system32\jsproxy.dll
2017-10-11 07:10:19 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-10-11 07:10:19 ----A---- C:\Windows\system32\inseng.dll
2017-10-11 07:10:19 ----A---- C:\Windows\system32\ieUnatt.exe
2017-10-11 07:10:19 ----A---- C:\Windows\system32\ieetwproxystub.dll
2017-10-11 07:10:19 ----A---- C:\Windows\system32\dxtmsft.dll
2017-10-11 07:10:19 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2017-10-11 07:10:18 ----A---- C:\Windows\system32\sspisrv.dll
2017-10-11 07:10:18 ----A---- C:\Windows\system32\srclient.dll
2017-10-11 07:10:18 ----A---- C:\Windows\system32\setbcdlocale.dll
2017-10-11 07:10:18 ----A---- C:\Windows\system32\secur32.dll
2017-10-11 07:10:18 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2017-10-11 07:10:18 ----A---- C:\Windows\system32\SearchIndexer.exe
2017-10-11 07:10:18 ----A---- C:\Windows\system32\rstrui.exe
2017-10-11 07:10:18 ----A---- C:\Windows\system32\mssprxy.dll
2017-10-11 07:10:18 ----A---- C:\Windows\system32\mssphtb.dll
2017-10-11 07:10:18 ----A---- C:\Windows\system32\mssitlb.dll
2017-10-11 07:10:18 ----A---- C:\Windows\system32\lsass.exe
2017-10-11 07:10:18 ----A---- C:\Windows\system32\iesetup.dll
2017-10-11 07:10:18 ----A---- C:\Windows\system32\iernonce.dll
2017-10-11 07:10:18 ----A---- C:\Windows\system32\ieetwcollector.exe
2017-10-11 07:10:18 ----A---- C:\Windows\system32\drivers\appid.sys
2017-10-11 07:10:18 ----A---- C:\Windows\system32\csrsrv.dll
2017-10-11 07:10:18 ----A---- C:\Windows\system32\cryptbase.dll
2017-10-11 07:10:18 ----A---- C:\Windows\system32\credssp.dll
2017-10-11 07:10:18 ----A---- C:\Windows\system32\bcrypt.dll
2017-10-11 07:10:18 ----A---- C:\Windows\system32\appidsvc.dll
2017-10-11 07:10:18 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2017-10-11 07:10:18 ----A---- C:\Windows\system32\appidapi.dll
2017-10-11 07:10:18 ----A---- C:\Windows\system32\apisetschema.dll
2017-10-11 07:10:17 ----A---- C:\Windows\system32\SearchFilterHost.exe
2017-10-11 07:10:17 ----A---- C:\Windows\system32\msshooks.dll
2017-10-11 07:10:17 ----A---- C:\Windows\system32\msscntrs.dll
2017-10-11 07:10:17 ----A---- C:\Windows\system32\msobjs.dll
2017-10-11 07:10:17 ----A---- C:\Windows\system32\msaudite.dll
2017-10-11 07:10:17 ----A---- C:\Windows\system32\auditpol.exe
2017-10-11 07:10:17 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2017-10-11 07:10:17 ----A---- C:\Windows\system32\adtschema.dll
2017-10-11 07:10:16 ----A---- C:\Windows\system32\mferror.dll
2017-10-11 07:10:16 ----A---- C:\Windows\system32\ieetwcollectorres.dll
======List of files/folders modified in the last 1 month======
2017-10-29 21:22:00 ----D---- C:\Windows\System32
2017-10-29 21:22:00 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-10-29 21:21:59 ----D---- C:\Windows\inf
2017-10-29 21:21:03 ----D---- C:\Program Files\trend micro
2017-10-29 21:19:27 ----D---- C:\ProgramData\Kaspersky Lab
2017-10-29 21:14:37 ----SHD---- C:\System Volume Information
2017-10-29 21:14:32 ----D---- C:\ProgramData\NVIDIA
2017-10-29 21:11:12 ----D---- C:\Windows\Temp
2017-10-29 21:01:35 ----D---- C:\Program Files
2017-10-29 21:00:13 ----D---- C:\Windows\system32\drivers
2017-10-29 21:00:08 ----D---- C:\Windows\system32\Tasks
2017-10-29 19:42:42 ----D---- C:\Windows\system32\config
2017-10-29 19:36:17 ----D---- C:\Program Files\Common Files\AV
2017-10-29 19:36:08 ----SHD---- C:\Windows\Installer
2017-10-29 19:35:27 ----D---- C:\Windows\system32\DriverStore
2017-10-29 19:35:21 ----D---- C:\Program Files\Kaspersky Lab
2017-10-29 19:29:58 ----D---- C:\ProgramData\Lavasoft
2017-10-29 19:29:49 ----HD---- C:\ProgramData
2017-10-29 19:21:46 ----D---- C:\Windows
2017-10-28 14:19:28 ----D---- C:\Windows\Tasks
2017-10-28 13:40:24 ----D---- C:\Windows\debug
2017-10-27 20:50:47 ----D---- C:\Windows\rescache
2017-10-27 19:52:00 ----D---- C:\Program Files\Mozilla Maintenance Service
2017-10-27 19:14:21 ----D---- C:\Program Files\Mozilla Firefox
2017-10-26 06:59:11 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2017-10-26 06:59:08 ----D---- C:\Windows\system32\Macromed
2017-10-21 18:25:56 ----D---- C:\Windows\Prefetch
2017-10-21 18:21:04 ----D---- C:\ProgramData\IObit
2017-10-21 18:20:36 ----D---- C:\AdwCleaner
2017-10-17 08:53:49 ----D---- C:\Windows\Microsoft.NET
2017-10-13 19:34:58 ----D---- C:\Windows\system32\catroot
2017-10-11 09:12:21 ----D---- C:\Windows\winsxs
2017-10-11 09:08:40 ----D---- C:\Windows\system32\migration
2017-10-11 09:08:40 ----D---- C:\Windows\system32\en-US
2017-10-11 09:08:40 ----D---- C:\Windows\system32\de-DE
2017-10-11 09:08:40 ----D---- C:\Program Files\Internet Explorer
2017-10-11 08:20:54 ----D---- C:\ProgramData\Microsoft Help
2017-10-11 08:15:36 ----D---- C:\Windows\system32\MRT
2017-10-11 07:58:00 ----AC---- C:\Windows\system32\MRT.exe
2017-10-11 07:01:34 ----D---- C:\Windows\system32\catroot2
2017-09-30 21:00:45 ----D---- C:\Program Files\McAfee Safe Connect
2017-09-30 20:58:31 ----D---- C:\ProgramData\Malwarebytes
File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 14392]
R0 cm_km;AO Kaspersky Lab Cryptographic Module x86 (56 bit); C:\Windows\system32\DRIVERS\cm_km.sys [2016-12-26 176864]
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2010-01-11 99952]
R0 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2016-10-01 165296]
R0 klbackupdisk;Kaspersky Lab klbackupdisk; C:\Windows\system32\DRIVERS\klbackupdisk.sys [2017-10-15 62168]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 AsIO;AsIO; C:\Windows\system32\drivers\AsIO.sys [2009-08-04 11296]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 klbackupflt;Kaspersky Lab klbackupflt; C:\Windows\system32\DRIVERS\klbackupflt.sys [2017-10-15 75992]
R1 klhk;Kaspersky Lab service driver; C:\Windows\system32\DRIVERS\klhk.sys [2017-10-29 229592]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2017-10-29 835296]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2016-10-11 49744]
R1 klpd;Kaspersky Lab format recognizer driver; C:\Windows\system32\DRIVERS\klpd.sys [2017-10-15 45552]
R1 kltdi;kltdi; C:\Windows\system32\DRIVERS\kltdi.sys [2017-10-15 75760]
R1 Klwtp;KLwtp - WFP callout traffic inspector; C:\Windows\system32\DRIVERS\klwtp.sys [2017-10-15 117744]
R1 kneps;kneps; C:\Windows\system32\DRIVERS\kneps.sys [2017-10-15 165056]
R2 kldisk;kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [2016-05-31 69000]
R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2011-02-11 35088]
R3 klflt;Kaspersky Lab Kernel DLL; C:\Windows\system32\DRIVERS\klflt.sys [2017-10-29 164056]
R3 klkbdflt;Kaspersky Lab KLKBDFLT; C:\Windows\system32\DRIVERS\klkbdflt.sys [2016-12-23 50400]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2016-12-07 51424]
R3 kltap;Kaspersky Security Data Escort Adapter; C:\Windows\system32\DRIVERS\kltap.sys [2016-06-07 48056]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2011-09-02 41240]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2011-09-02 39192]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-16 13216]
R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-01-22 59904]
R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-01-22 139648]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2009-08-21 66592]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2010-02-09 260640]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-10-19 31288]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2010-03-02 1127936]
S0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-08-20 717296]
S1 SASDIFSV;SASDIFSV; \??\C:\Users\Janka\AppData\Local\Temp\SAS_SelfExtract\SASDIFSV.SYS []
S1 SASKUTIL;SASKUTIL; \??\C:\Users\Janka\AppData\Local\Temp\SAS_SelfExtract\SASKUTIL.SYS []
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP-Bus-Filtertreiber; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 cpuz132;cpuz132; \??\C:\Program Files\CPUID\PC Wizard 2010\pcwiz32.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2015-05-21 89984]
S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\C:\Program Files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt []
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 LVUSBSta;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBSta.sys [2007-10-12 41752]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\mbamswissarmy.sys [2017-10-28 40776]
S3 MBAMWebProtection;MBAMWebProtection; \??\C:\Windows\system32\drivers\mwac.sys []
S3 NTACCESS;NTACCESS; \??\D:\NTACCESS.sys []
S3 PID_0928;Logitech QuickCam Express(PID_0928); C:\Windows\system32\DRIVERS\LV561AV.SYS [2007-10-12 490776]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2014-02-21 14848]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 SetupNTGLM7X;SetupNTGLM7X; \??\D:\NTGLM7X.sys []
S3 sisagp;SIS AGP-Bus-Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2015-05-21 184192]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 tap0901;TAP-Windows Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2017-08-30 23040]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2014-02-21 49664]
S3 usbscan;USB-Scannertreiber; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 36352]
S3 viaagp;VIA AGP-Bus-Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
S4 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-13 82128]
R2 AsSysCtrlService;ASUS System Control Service; C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2009-12-28 96896]
R2 AVP18.0.0;Kaspersky Anti-Virus Service 18.0.0; C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\avp.exe [2017-01-24 354672]
R2 CCALib8;Canon Camera Access Library 8; C:\Program Files\Canon\CAL\CALMAIN.exe [2006-03-30 96341]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\cscsvc.dll
R2 DfSdkS;Defragmentation-Service; C:\Program Files\Ashampoo\Ashampoo WinOptimizer 7\Dfsdks.exe [2009-08-24 406016]
R2 KSDE2.0.0;Kaspersky Secure Connection Service 2.0.0; C:\Program Files\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe [2017-01-24 354672]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 MSSQL$VIAGOGODB;SQL Server (VIAGOGODB); c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-18 639776]
R2 SQLBrowser;SQL Server Browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-12-10 238944]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-12-10 86880]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-01-18 383264]
R2 WCAssistantService;WC Assistant; C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [2017-10-29 25704]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-04-21 107656]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-25 1260320]
S2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [2015-05-21 743688]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-10-26 272384]
S3 AppMgmt;@appmgmts.dll,-3250; %SystemRoot%\system32\svchost.exe -k netsvcs;"ServiceDll"=%SystemRoot%\System32\appmgmts.dll
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-09-07 104960]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2011-09-27 295192]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2017-10-27 175568]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; %SystemRoot%\System32\svchost.exe -k PeerDist;"ServiceDll"=%SystemRoot%\system32\peerdistsvc.dll
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\system32\storsvc.dll
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\umrdp.dll
S4 aspnet_state;ASP.NET-Zustandsdienst; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2017-04-21 47224]
S4 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll"=%SystemRoot%\system32\diagtrack.dll
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2010-12-10 44384]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
-----------------EOF-----------------

Slow computer, black windows, computer freezes
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that are inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
- Rudy
- Site Admin

- Posts: 119665
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Slow computer, black windows, computer freezes
Hello!
Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
First click >Scan< (search) and then >Clean< (delete).
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Slow computer, black windows, computer freezes
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks deleted.
***** [ Registry ] *****
Deleted: [Key] - HKLM\SOFTWARE\Lavasoft\Web Companion
Deleted: [Key] - HKU\S-1-5-21-264022193-2710706558-349708152-1000\Software\Lavasoft\Web Companion
Deleted: [Key] - HKCU\Software\Lavasoft\Web Companion
Deleted: [Value] - HKU\S-1-5-21-264022193-2710706558-349708152-1000\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
Deleted: [Value] - HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted: [Data] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{46514298-44b4-4500-a8f0-9cce653c283a}|DisplayName []
Deleted: [Data] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{46514298-44b4-4500-a8f0-9cce653c283a}|DisplayIcon []
Deleted: [Data] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{46514298-44b4-4500-a8f0-9cce653c283a}|UninstallString []
***** [ Firefox (and derivatives) ] *****
Plugin deleted: FunCustomCreations - Mindspark
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries deleted.
*************************
::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0
*************************
C:/AdwCleaner/AdwCleaner[C0].txt - [3786 B] - [2016/10/18 8:39:39]
C:/AdwCleaner/AdwCleaner[C2].txt - [3447 B] - [2016/12/17 16:36:23]
C:/AdwCleaner/AdwCleaner[S0].txt - [26788 B] - [2014/5/23 19:11:30]
C:/AdwCleaner/AdwCleaner[S1].txt - [1414 B] - [2014/8/14 18:5:46]
C:/AdwCleaner/AdwCleaner[S2].txt - [6252 B] - [2015/4/16 19:1:58]
C:/AdwCleaner/AdwCleaner[S3].txt - [3829 B] - [2016/10/18 8:38:59]
C:/AdwCleaner/AdwCleaner[S4].txt - [2015 B] - [2016/12/17 16:35:59]
C:/AdwCleaner/AdwCleaner[S5].txt - [3609 B] - [2017/10/21 17:20:36]
C:/AdwCleaner/AdwCleaner[S6].txt - [3081 B] - [2017/10/31 15:36:16]
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt ##########
- Rudy
- Site Admin

Re: Slow computer, black windows, computer freezes
Where is the log header? Post a new RSIT log.